Passed CHFI Last Week
Last week I completed EC-Council's Certified Hacking Forensics Investigator (CHFI). The test had a mix of tough questions and very easy questions that I was not expecting to be at that level of testing. The material I used for the test included:
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
Amazon.com: Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition (Information Security) (9780849383281): Albert Marcella Jr., Doug Menendez: Electronics
Critical Incident Management
Amazon.com: Critical Incident Management (9780849300103): Alan B. Sterneckert: Electronics
EC Council. (2010). Computer forensics: Investigation procedures and response (Vol. 1). Course Technology Cengage Learning.
Amazon.com: Computer Forensics: Investigation Procedures and Response (Ec-Council Press Series : Computer Series) (9781435483491): EC-Council: Books
EC Council. (2010). Computer forensics: Investigating hard disks, file and operating systems (Vol. 2). Course Technology Cengage Learning.
Amazon.com: Computer Forensics: Hard Disk and Operating Systems (Ec-Council Press Series : Computer Forensics) (9781435483507): EC-Council: Books
EC Council. (2010). Computer forensics: Investigating data and image files (Vol. 3). Course Technology Cengage Learning.
Amazon.com: Computer Forensics: Investigating Data and Image Files (Ec-Council Press Series: Computer Forensics) (9781435483514): EC-Council: Books
EC Council. (2010). Computer forensics: Investigating network intrusions and cyber crime (Vol. 4). Course Technology Cengage Learning.
Amazon.com: Computer Forensics: Investigating Network Intrusions and Cyber Crime (Ec-Council Press Series: Computer Forensics) (9781435483521): EC-Council: Books
EC Council. (2010). Computer forensics: Investigating wireless networks and devices (Vol. 5). Course Technology Cengage Learning.
Amazon.com: Computer Forensics: Investigating Wireless Networks and Devices (C(Computer) Hfi (Hacking Forensic Investigator) (978143548353: EC-Council: Books
I personally do not believe these materials are enough to cover the test. I have a lot of experience with security tools and administration of enterprise-class networks and UNIX, Linux and Windows operating systems. To that effect, if someone wants to take this test and they do not have that sort of experience, they should seek additional resources. The CHFI is recommended for people who have completed the Certified Ethical Hacker; if that is not the case for you, then you need to read through the EC-Council CEH books. I recommend looking at my old thread on passing the CEH to see what other resources I used to cover that material.
http://www.techexams.net/forums/ec-council-ceh-chfi/62540-passed-c-eh-two-days-ago.html?highlight=chris%3A%2F*
As for theory books, I recommend the books that make up the Microsoft Certified System Administrator (MCSA) series 2003 or Microsoft Certified Information Technology Professional: Enterprise Administrator (MCITP:EA). For Linux, the Linux System Administration Handbook and/or Michael Jang's RHCSA/RHCE study guide. For the network fundamentals, a review of Interconnecting Cisco Network Devices (ICND) 1 & 2 should be plenty.
Overall, I enjoyed learning the material, but I confirmed my suspicion that I have no interest in forensics unless it deals with actual emergency response, such as being a part of CERT or CSIRT.
Degrees:
M.S. Information Security and Assurance
B.S. Computer Science - Summa Cum Laude
A.A.S. Electronic Systems Technology
Comments
-
Chris:/* (Member, Posts: 658)
rogue2shadow wrote: » Congrats on the exam! Thanks for the resource links.
Thanks rogue2shadow.
-
whatthehell (Member, Posts: 920)
Congratz on the pass and thanks for the great resource listing! Seems like the test was pretty hard, huh?
2017 Goals:
[ ] Security + [ ] 74-409 [ ] CEH
Future Goals:
TBD
-
Chris:/* (Member, Posts: 658)
I thought so, but it is also dependent on experience level, and I have very little when it comes to forensics.