Use this quick start guide to collect all the information about EC-Council CHFI (312-49) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the 312-49 EC-Council Computer Hacking Forensic Investigator exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual EC-Council CHFI v11 certification exam.
The EC-Council CHFI certification is mainly targeted to those candidates who want to build their career in Cyber Security domain. The EC-Council Computer Hacking Forensic Investigator (CHFI) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of EC-Council CHFI v11.
EC-Council CHFI Exam Summary:
| Exam Name | EC-Council Computer Hacking Forensic Investigator (CHFI) |
| Exam Code | 312-49 |
| Exam Price | $650 (USD) |
| Duration | 240 mins |
| Number of Questions | 150 |
| Passing Score | 70% |
| Books / Training | Courseware |
| Schedule Exam | Pearson VUE OR ECC Exam Center |
| Sample Questions | EC-Council CHFI Sample Questions |
| Practice Exam | EC-Council 312-49 Certification Practice Exam |
EC-Council 312-49 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Computer Forensics in Today’s World |
- Fundamentals of Computer Forensics - Cybercrimes and their Investigation Procedures - Digital Evidence and eDiscovery - Forensic Readiness - Role of Various Processes and Technologies in Computer Forensics - Roles and Responsibilities of a Forensic Investigator - Challenges Faced in Investigating Cybercrimes - Standards and Best Practices Related to Computer Forensics - Laws and Legal Compliance in Computer Forensics |
| Computer Forensics Investigation Process |
- Forensic Investigation Process and its Importance - First Response - Pre-Investigation Phase - Investigation Phase - Post-Investigation Phase |
| Understanding Hard Disks and File Systems |
- Disk Drives and their Characteristics - Logical structure of a Disk - Booting Process of Windows, Linux, and macOS Operating Systems - File Systems of Windows, Linux, and macOS Operating Systems - File System Analysis - Storage Systems - Encoding Standards and Hex Editors - Analyze Popular File Formats |
| Data Acquisition and Duplication |
- Data Acquisition - eDiscovery - Data Acquisition Methodology - Preparing an Image File for Examination |
| Defeating Anti-Forensics Techniques |
- Anti-Forensics Techniques - Data Deletion and Recycle Bin Forensics - File Carving Techniques and Ways to Recover Evidence from Deleted Partitions - Password Cracking/Bypassing Techniques - Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension - Mismatch - Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption - Program Packers and Footprint Minimizing Techniques |
| Windows Forensics |
- Windows Forensics - Collect Volatile Information - Collect Non-volatile Information - Windows Memory Analysis - Windows Registry Analysis - Electron Application Analysis - Web Browser Forensics - Examine Windows Files and Metadata - ShellBags, LNK Files, and Jump Lists - Text-based Logs and Windows Event Logs |
| Linux and Mac Forensics |
- Collect Volatile Information in Linux - Collect Non-Volatile Information in Linux - Linux Memory Forensics - Mac Forensics - Collect Volatile Information in Mac - Collect Non-Volatile Information in Mac - Mac Memory Forensics and Mac Forensics Tools |
| Network Forensics |
- Network Forensics - Event Correlation - Indicators of Compromise (IoCs) from Network Logs - Investigate Network Traffic - Incident Detection and Examination - Wireless Network Forensics - Detect and Investigate Wireless Network Attacks |
| Malware Forensics |
- Malware - Malware Forensics - Static Malware Analysis - Analyze Suspicious Documents - System behavior Analysis - Network behavior Analysis - Ransomware Analysis |
| Investigating Web Attacks |
- Web Application Forensics - Internet Information Services (IIS) Logs - Apache Web Server Logs - Detect and Investigate Various Attacks on Web Applications |
| Dark Web Forensics |
- Dark Web and Dark Web Forensics - Identify the Traces of Tor Browser during Investigation - Tor Browser Forensics |
| Cloud Forensics |
- Cloud Computing - Cloud Forensics - Amazon Web Services (AWS) Fundamentals - AWS Forensics - Microsoft Azure Fundamentals - Microsoft Azure Forensics - Google Cloud Fundamentals - Google Cloud Forensics |
| Email and Social Media Forensics |
- Email Basics - Email Crime Investigation and its Steps - U.S. Laws Against Email Crime - Social Media Forensics |
| Mobile Forensics |
- Mobile Device Forensics - Android and iOS Architecture and Boot Process - Mobile Forensics Process - Investigate Cellular Network Data - File System Acquisition - Phone Locks, Rooting, and Jailbreaking of Mobile Devices - Logical Acquisition on Mobile Devices - Physical Acquisition of Mobile Devices - Android and iOS Forensic Analysis |
| IoT Forensics |
- IoT Concepts - IoT Devices Forensics |
To ensure success in EC-Council CHFI v11 certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for EC-Council Computer Hacking Forensic Investigator (312-49) exam.