Thursday, 15 November 2007

Digital Forensic Book Now Available

Just an announcement of a book being available and off the press.

“The Official CHFI Study Guide (Exam 312-49)” is off the press and available now.
This is available from Amazon at http://www.amazon.com/Official-CHFI-Study-Guide-312-49/dp/1597491977 as well as your choice of Book sellers.

Book Description
This is the official CHFI study guide for professionals studying for the forensics exams and for professionals needing the skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute.

The EC-Council offers certification for ethical hacking and computer forensics. Their ethical hacker exam has become very popular as an industry gauge and we expect the forensics exam to follow suit.

The material is presented in a logical learning sequence: a section builds upon previous sections and a chapter on previous chapters. All concepts, simple and complex, are defined and explained when they appear for the first time. This book includes the following special chapter elements: Exam objectives covered in a chapter are clearly explained in the beginning of the chapter, Notes and Alerts highlight the crucial points, Exams Eye View section at the end of each chapter emphasizes the important points from the exams perspective, Key Terms present the definitions of key terms used in the chapter, Review Questions section at the end of each chapter that contains the questions modelled after the real exam questions based on the material covered in the chapter. The answers to these questions are presented with explanations in an appendix. Also included is a full practice exam modelled after the real exam. The answers to the exam questions are presented with full explanations.

* The only study guide for CHFI, provides 100% coverage of all exam objectives.
* Full web-based practice exam with explanations of correct and incorrect answers

7 comments:

Anonymous said...

Seen your post on CSU forum. I've done CEH course and passed the exam with no probs. In my opinion CEH course is deficient in both, course delivery and its structure. If EC-Council teaches Forensics the same way they teaching CEH, than it is scarry.

Craig S Wright said...

I agree that there are deficencies with the CEH. It is marketed as an advanced certification, but is really an entry level one.

CHFI is an introduction to digital forenscis. The book is based on the topics that are being covered in the course, but we have gone further then this and I hope created somethingof value to those starting in the field or wanting to get into digital forensics.

I am going to create my own course and offer this next year that will go into the materials in the book as an introduction to digital forensic methods.

You may also note that I have SANS/GIAC certifications and do not rely on the CEH. It I believe makes me more rounded.

Anonymous said...

It would be nice to have a forensic course that is into the file structure (FAT/NTFS/EXT2 etc)first, and only then data acquisition, digital evidence collection and preservation and freeware forensic tools.

Craig S Wright said...

Keep watching this space.

In Q1 next year I shall be offering a number of courses. These will be small classes, hands on and intense. They will have a number of focus areas and shall be designed to increse specific skill areas.

Andre's Ideas said...

Another problem with short courses is that there is no screening/evaluation process of the enrolled course participants. This usually results in reduced effectiveness of the course. Some of the class participants may have a very basic understanding of the topic and some more advanced, both would like to learn something new. Those who have only basic understanding are getting frustrated by their instructor who is trying to teach more advanced people and vice versa. I am yet to see some sort of online evaluation (timed) for the potential participants who would like to enrol in short courses. This process would allow to group people together according to their level of knowledge and even offer shorter and cheaper courses for those who already knowledgeable enough. I guess you can call it a ‘targeted delivery of information’. Employing new teaching techniques such as mind mapping etc would also make such courses more attractive.

Craig S Wright said...

Andre, I was planning on starting a series of training nsessions next year. These had bee set to be at various levels from Introductory to Advanced practitioner.

To complement these I am also starting a series of free breakfast seminars of 2-3 hours each (only in Au at the moment).

Your idea of adding a test is a good one and I will consider it and may even have to steal it so to speak.

Andre's Ideas said...

You are welcome to use my idea. I would like to see more IT security professionals here in Australia. It will make my job easier (LE).