TN-415: Computer Hacking Forensics Investigator (CHFI)

 

 

 

 

 

 

 

Course Overview:

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.

The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence

What’s Included:

  • 5 days of instructor-led in classroom training
  • Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
  • Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
  • Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
  • CHFI Courseware
  • Exam Voucher
  • CHFI onsite exam scheduling

Course Objectives:

  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
  • Perform anti-forensic methods detection
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
  • Identify & check the possible source/ incident origin
  • Recover deleted files and partitions in Windows, MAC OS X, and Linux
  • Conduct reverse engineering for known and suspected malware files
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

Dates/Locations:

Date/Time Event
06/29/2026 - 07/03/2026
08:00 -16:00 		TN-415: Computer Hacking Forensics Investigator (CHFI)
TechNow, Inc, San Antonio TX
09/28/2026 - 10/02/2026
08:00 -16:00 		TN-415: Computer Hacking Forensics Investigator (CHFI)
TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Content:

    • Module 01. Computer Forensics in Today’s World
    • Module 02. Computer Forensics Investigation Process
    • Module 03. Understanding Hard Disks and File Systems
    • Module 04. Data Acquisition and Duplication
    • Module 05. Defeating Anti-forensics Techniques
    • Module 06. Operating System Forensics (Windows, Mac, Linux)
    • Module 07. Network Forensics
    • Module 08. Investigating Web Attacks
    • Module 09. Database Forensics
    • Module 10. Cloud Forensics
    • Module 10. Malware Forensics
    • Module 11. Investigating Email Crimes
    • Module 12. Investigating Email Crimes
    • Module 13. Mobile Forensics
    • Module 14. Forensics Report Writing and Presentation

 

Prerequisites:

      • 2+ years of proven information security work experience
      • Educational background with digital security specialization

    Target Audience:

      • Law Enforcement
      • Defense & Military
      • E-Business Security
      • Systems Administrators
      • Legal Professionals
      • Banking & Insurance professionals
      • Government Agencies
      • IT Managers

  • Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

TN-5320: Microsoft Modern Desktop Administrator

 

 

 

 

Course Overview:

Learn how a Modern Desktop Administrators deploys, configures, secures, manage, and monitors devices and client applications in an enterprise environment. This is a hands-on, instructor led Bootcamp focusing on the real world responsibilities of a Modern Desktop Administrator and covering the information needed for the certification exams, which are administered while attending.

If you’ve passed Exam 70-698: Configuring Windows 10 (retired March 31, 2019) you only need to take MD-101 to earn this new certification.

This certification is one of the workload administrator certification required for the Microsoft 365 Certified: Enterprise Administrator Expert certification.

Dates/Locations:

No Events

Duration: 10 Days

Course Content:

    • Module 01. Installing Windows
    • Module 02. Updating Windows
    • Module 03. Post-Installation Configuration and Personalization
    • Module 04. Configuring Peripherals and Drivers
    • Module 05. Configuring Networks
    • Module 06. Configuring Storage
    • Module 07. Managing Apps in Windows 10
    • Module 08. Configuring Authorization & Authentication
    • Module 09. Configuring Data Access and Usage
    • Module 10. Configuring Advanced Management Tools
    • Module 11. Supporting the Windows 10 Environment
    • Module 12. Troubleshooting the Windows OS
    • Module 13. Troubleshooting Files & Applications
    • Module 14. Troubleshooting Hardware and Drivers
    • Module 15. Planning an Operating System Deployment Strategy
    • Module 16. Implementing Windows 10
    • Module 17. Managing Updates for Windows 10
    • Module 18. Device Enrollment
    • Module 19. Configuring Profiles
    • Module 20. Application Management
    • Module 21. Managing Authentication in Azure AD
    • Module 22. Managing Devices and Device Policies
    • Module 23. Managing Security

 

Prerequisites:

      • Microsoft 365 Certified Fundamentals (M-MS900)

Target Audience:

IT professionals who perform installation, configuration, general local management and maintenance of Windows 10 core services. Candidates may also be familiar with enterprise scenarios and cloud-integrated services.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-535: Certified Forensic Computer Examiner (CFCE)

CCFE Core Competencies

  • Procedures and Legal Issues
  • Computer Fundamentals
  • Partitioning Schemes
  • Data Recovery
  • Windows File Systems
  • Windows Artifacts
  • Report writing (Presentation of Finding)
  • Procedures and Legal issues
  1. Knowledge of search and subjection and rules for evidence as applicable to computer forensics.
  2. Ability to explain the on-scene action taken for evidence preservation.
  3. Ability to maintain and document an environment consolidating the computer forensics.
  • Computer Fundamentals
  1. Understand BIOS
  2. Computer hardware
  3. Understanding of numbering system (Binary, hexadecimal, bits, bytes).
  4. Knowledge of sectors, clusters, files.
  5. Understanding of logical and physical files.
  6. Understanding of logical and physical drives.
  • Partitioning schemes
  1. Identification of current partitioning schemes.
  2. Understanding of primary and extended partition.
  3. Knowledge of partitioning schemes and structures and system used by it.
  4. Knowledge of GUID and its application.
  • Windows file system
  1. Understanding of concepts of files.
  2. Understanding of FAT tables, root directory, subdirectory along with how they store data.
  3. Identification, examination, analyzation of NTFS master file table.
  4. Understanding of $MFT structure and how they store data.
  5. Understanding of Standard information, Filename, and data attributes.
  • Data Recovery
  1. Ability to validate forensic hardware, software, examination procedures.
  2. Email headers understanding.
  3. Ability to generate and validate forensically sterile media.
  4. Ability to generate and validate a forensic image of media.
  5. Understand hashing and hash sets.
  6. Understand file headers.
  7. Ability to extract file metadata from common file types.
  8. Understanding of file fragmentation.
  9. Ability to extract component files from compound files.
  10. Knowledge of encrypted files and strategies for recovery.
  11. Knowledge of Internet browser artifacts.
  12. Knowledge of search strategies for examining electronic
  • Windows Artifacts
  1. Understanding the purpose and structure of component files that create the windows registry.
  2. Identify and capability to extract the relevant data from the dead registry.
  3. Understand the importance of restore points and volume shadow copy services.
  4. Knowledge of the locations of common Windows artifacts.
  5. Ability to analyze recycle bin.
  6. Ability to analyze link files.
  7. Analyzing of logs
  8. Extract and view windows logs
  9. Ability to locate, mount and examine VHD files.
  10. Understand the Windows swap and hibernation files.
  • Report Writing (Presentation of findings)
  1. Ability to conclude things strongly based on examination observations.
  2. Able to report findings using industry standard technically accurate terminologies.
  3. Ability to explain the complex things in simple and easy terms so that non-technical people can understand clearly.
  4. Be able to consider legal boundaries when undertaking a forensic examination

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!