TN-415: Computer Hacking Forensics Investigator (CHFI)

 

 

 

 

 

 

 

Course Overview:

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.

The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence

What’s Included:

  • 5 days of instructor-led in classroom training
  • Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
  • Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
  • Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
  • CHFI Courseware
  • Exam Voucher
  • CHFI onsite exam scheduling

Course Objectives:

  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
  • Perform anti-forensic methods detection
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
  • Identify & check the possible source/ incident origin
  • Recover deleted files and partitions in Windows, MAC OS X, and Linux
  • Conduct reverse engineering for known and suspected malware files
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

    • Module 01. Computer Forensics in Today’s World
    • Module 02. Computer Forensics Investigation Process
    • Module 03. Understanding Hard Disks and File Systems
    • Module 04. Data Acquisition and Duplication
    • Module 05. Defeating Anti-forensics Techniques
    • Module 06. Operating System Forensics (Windows, Mac, Linux)
    • Module 07. Network Forensics
    • Module 08. Investigating Web Attacks
    • Module 09. Database Forensics
    • Module 10. Cloud Forensics
    • Module 10. Malware Forensics
    • Module 11. Investigating Email Crimes
    • Module 12. Investigating Email Crimes
    • Module 13. Mobile Forensics
    • Module 14. Forensics Report Writing and Presentation

 

Prerequisites:

      • 2+ years of proven information security work experience
      • Educational background with digital security specialization

    Target Audience:

      • Law Enforcement
      • Defense & Military
      • E-Business Security
      • Systems Administrators
      • Legal Professionals
      • Banking & Insurance professionals
      • Government Agencies
      • IT Managers

  • Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

Welcome to TechNow!

Welcome to TechNow! The Leader in Information Security Training & Computer Training.

The world of information security and computer training is ever changing.  The techniques and systems continue to evolve and we must stay current and diligent.  To do this, you can count on TechNow®…the leader in cybersecurity training and computer system training.

TechNow® has been training the leaders in the computer community for many years.  We provide training for students in a number of areas.  Our cybersecurity trainings include popular courses like D0D 8140, Security , CISM, CISSP, CEH,CCNA, and more.  With over 34 years of experience, we’re able to provide you with unmatched training and certification programs.

TechNow also provides a variety of other popular trainings for the computer professional including Cisco, EC-Council, CompTIA, Unix/Linux and more.

.

Search Our Site

Upcoming Events

  • TN-822: Certified Information Systems Auditor (CISA) Seminar
    • 10/06/2025 – 10/10/2025
    • San Antonio
  • CT-213: Cloud Essentials+
    • 10/14/2025 – 10/16/2025
    • San Antonio
  • PM-223: Introduction to Project Management
    • 10/14/2025 – 10/16/2025
    • San Antonio
  • CT-210: Project+
    • 10/27/2025 – 10/30/2025
    • San Antonio
  • CT-325: Security+
    • 10/27/2025 – 10/31/2025
    • San Antonio
  • all events

    • in   

    TN-999: Reverse Engineering Malware Course

    Course Overview:

    This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

    Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

    Date/Locations:

    No Events

    Duration: 5 days

    Course Objectives:

    • Toolkit and Lab Assembly
    • Malware Code and Behavioral Analysis Fundamentals
    • Malicious Static and Dynamic Code Analysis
    • Collecting/Probing System and Network Activities
    • Analysis of Malicious Document Files
    • Analyzing Protected Executables
    • Analyzing Web-Based Malware
    • DLL Construction and API Hooking
    • Common Windows Malware Characteristics in x86 Assembly
    • Unpacking Protected Malware
    • In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
    • In-Depth Analysis of Malicious Executables
    • Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

    Prerequisites:

    • Strong understanding of core systems and network concepts
    • Exposure to programming and assembly concepts
    • Comfortable with command line access

    Comments

    Latest comments from students

    User: marcus.osullivan

    Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

    Facilities comments: The baby deer were neat! I like the resort.

    Liked the class?  Then let everyone know!

    TN-969: Windows Security Administrator Course

    Course Overview:

    A skills focus enables the student to better absorb the subject matter and perform successfully on the job.  This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs to secure Windows systems. Lecture and labs start with quick review of Active Directory and group policy to enforce security mechanisms within the Windows architecture.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations.  PowerShell is made for SecOps/DevOps automation and students will learn to write PowerShell scripts to automate security operations and Desired State Configuration (DSC).  The course concludes with exercising real attack strategies to demonstrate the effectives of properly securing your host.

    Attendees to TN-969: Windows Security Administrator course will receive TechNow approved course materials and expert instruction.

    Date/Locations:

    No Events

    Duration: 5 days

    Course Objectives:

    • Active Directory and BloodHound
    • Security Controls
    • PKI
    • Encryption
    • Wireless & Network Security and Hardening DNS
    • 802.1x and Endpoint Protection
    • Firewalls and VPN
    • PowerShell Scripting
    • JEA, DSC, Enterprise Security with PowerShell
    • Windows Attack Strategies

    Prerequisites:

    • Security+
    • Windows System Administration Skills

     

    Comments

    Latest comments from students

    User: bbrabender

    Instructor comments: Instructor was very knowledgeable and help more inexperienced users with concepts as well explaining in a way that can be understood.

    Facilities comments: N/A

    User: dale.r.anderson

    Instructor comments: Instructor was well knowlegeable accross alot of domains.

    Facilities comments: Pretty good

    Liked the class?  Then let everyone know!

    TN-939: Hacker Techniques, Exploits, and Incident Handling Course

    Course Overview:

    A skills focus enables the student to better absorb the subject matter and perform successfully on the exam.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. The course concludes with exercising real attack strategies to demonstrate the techniques acquired throughout the course.

    Attendees to TN-939:  Hacker Techniques, Exploits, and Incident Handling will receive TechNow approved course materials and expert instruction.

    Date/Locations:

    No Events

    Duration: 9 days

    Course Objectives:

    • Backdoors & Trojan Horses
    • Buffer Overflows
    • Covering Tracks: Networks
    • Covering Tracks: Systems
    • Denial of Service Attacks
    • Exploiting Systems Using Netcat
    • Format String Attacks
    • Incident Handling Overview and Preparation
    • Incident Handling Phase 2: Identification
    • Incident Handling Phase 3: Containment
    • Incident Handling: Recovering and Improving Capabilities
    • IP Address Spoofing
    • Network Sniffing
    • Password Attacks
    • Reconnaissance
    • Rootkits
    • Scanning: Host Discovery
    • Scanning: Network and Application Vulnerability scanning and tools
    • Scanning: Network Devices (Firewall rules determination, fragmentation, and IDS/IPS evasion)
    • Scanning: Service Discovery
    • Session Hijacking, Tools and Defenses
    • Types of Incidents
    • Virtual Machine Attacks
    • Web Application Attacks
    • Worms, Bots & Bot-Nets

    Prerequisites:

    • GSEC or equivalent experience
    • UNIX, Windows, Networking, and Security Experience
    • This is a hands-on skill course requiring comfort with command line interaction and network communications

    Comments

    Latest comments from students

    User: m_jurrens

    Instructor comments: Both instructors Mr. Askey and Mr. Hackney, were very good. the open learning environment was extremely productive and I felt we all learned far more that we ever would out of a structured rote memorization course.

    User: natebonds

    Instructor comments: Both Mr. Askey and Hackney were extremely knowledgeable. They were also extremely interested in helping each student learn. I was particularly impressed with the way they tailored the course to optimize our time since we weren't testing. I feel like I know much much more than I did when the class started.

    Facilities comments: The facilities were fine. I would have preferred it be closer to Lackland.

    Liked the class?  Then let everyone know!