Computer Hacking Forensic Investigator


This Computer Hacking Forensic Investigator (CHFI v9) course will award the participants with the necessary skills to detect an intruder’s footprints and gather the necessary requisite evidence to prosecute properly. This course will refurbish you about the latest top tools of the forensic trade, including hardware, software, and specialized tools and techniques. No longer you have to worry about being compromised by hackers

Accredited by


Group Training

Looking for a personalized training for a group (3 or more participants) at your preferred location?
Contact us

GreyCampus is an EC-Council ATC

Course Overview


The Computer Hacking Forensic Investigator (CHFI) course imparts the security discipline of computerized forensics from a vendor-neutral perspective. CHFI is an extensive course which covers major forensic investigation schemes and empowers the students to acquire the relevant hands-on experience with various forensic investigation tools and techniques. Additionally, it also conveys necessary information regarding the use of standard forensic tools for successfully carrying out computer forensic investigation which may lead to the prosecution of violators.

The CHFI certification also gives the participants (network administrators, law enforcement personnel, security professionals, legal professionals and officers, defense and military personnel, bankers, security officers, and anyone who is directly connected with the integrity of the network infrastructure) with the requisite skills to perform a detailed and compelling digital forensics investigation.

CHFI, therefore, presents a technological and specialized approach to computer forensics. This primarily includes searching and snagging, chain-of-custody, acquisition, recovery, preservation, thorough investigation and analysis, and finally reporting of digital evidence.

  • Instructor led training modules:: 1 Year
  • Official e-courseware: 1 Year
  • Access to EC-COUNCIL iLabs: 6 Months
  • Course completion certificate: Yes
  • CHFI Exam Voucher: Yes

Course Outline


Call us


Live chat


Contact us

Frequently Asked Questions



  • The course was devised and developed by competent Subject Matter Experts and digital forensics practitioners.
  • This is a complete vendor-neutral course which covers all the leading forensics investigations’ technologies, operations, and solutions.
  • This course offers you a detailed lab for manual learning experience; which is approximately 50% of training time that is dedicated to labs.
  • This course covers all the key knowledge-bases and skills which effectively meets with regulatory compliance standards such as SOX, ISO 27001, HIPPA, PCI DSS, etc
  • The program presents a forensic investigation methodology of repute which is expected from a versatile digital forensic professional. 

A: The CHFI program is specially designed for all IT professionals who are involved with computer forensics, information system security, and incident response.

Target Audience
  • IT managers

  • Defense and Military personnel

  • Systems administrators

  • Banking, Insurance and other professionals

  • Government agencies

  • Legal professionals

  • e-Business Security professionals

  • Police and other law enforcement personnel

A:  Students undergoing CHFI training will learn the following:

  • Set up threat intelligence and major learning points with a view to supporting proactive profiling and scenario modeling.

  • Conduct anti-forensic detection procedures.

  • Perform post-intrusion analysis of electronic and digital media to discover the what, where, who, how, and when the intrusion occurred.

  • Extract information and analysis of logs from various devices like firewall, proxy,  IDS, IPS, Desktop, servers, laptop, SIM tool, router, switches AD server, Access Control Logs, DHCP logs, and wrap up as part of the investigation process.

  • Detect and check the possible source/outcome/ incident origin.

  • Retrieve deleted files and partitions in Mac OS X, Windows, and Linux.

  • Perform reverse engineering for suspected and known malware programs and files.

  • Compile data using forensic technology techniques and methods in accordance with the evidence and testimony handling procedures, including the collection of a hard copy and electronic media documents.


  • It covers the latest forensics examination methods, including MAC Forensics and Linux.
  • Conducts lab tests on Cloud Forensics, Database Forensics, Defeating Anti-forensics Techniques, and Malware Forensics.

A: iLearn is EC Council’s online, self-paced option. This implies all the modules which are taught in the live course are recorded, registered and presented in a streaming video format. It gives an option to the candidate to set up his own learning speed by taking occasional pauses in between the lectures and return to the study plan as per the schedule.


Exam Name: CHFI EC0 312-49

Test Duration: 4 Hours

Number of Questions: 150

Test Format: Multiple Choice

Test Delivery: ECC Exam Portal


500 +

Expert Trainers

250000 +

Hours Delivered

100000 +

Professionals Trained

Got queries?