August 30, 2010 at 12:11 pm #5514kabilaParticipant
Greetings to all ,
did any just pass the CHFI EXAM. I want to know the best way and materials to read in preparation for the exam . And where to get good CHFI DUMPS.
August 30, 2010 at 2:02 pm #34802
While many are reading this, be advised, I need dumps too. See, I’m going to be a doctor and I’m going to place someone’s life in my hands. I think I need to read and memorize some books for the sake of passing the exam therefore anyone who may have dumps on becoming a doctor, please post them. After memorizing the books and learning nothing, I think I will now go and place a life in my hands. Anyone want free surgery?
If you have to pass an exam like this, why don’t you move along to another field. Usually I don’t post these kinds of responses but in a situation like this, it’s unusually sickening to see how people view the industry and the profession of forensics. Forensics at its best will either convict or exonerate someone of a crime. I’ve seen personally the downsides of non-competent forensics investigators (http://mobileforensics.wordpress.com/bio/ [see note below on this]) – who often carry the weight of assisting in the conviction or exoneration of someone – not have a clue with *someone* in the end being affected in an adverse way.
If you’re taking the exam for the sake of doing something other than taking forensics seriously, you’re devaluing the certification for those of us who have passed the exam. Those of us who’ve taken the time to understand the field and respect OURSELVES enough to take pride in certain arenas.
I’ve dealt with many individuals in government, private industry, hobbyists and for those that I’ve seen and corresponded with when it comes to forensics are a prideful bunch. Nary a time I’ve seen anyone come out with “give me a dump” to make me an expert. I’ve had the opportunity to learn from some of the best in the industry throughout my years and have learned for the sake of understanding it. NOT for the sake of passing a cert.
A dump will not make you an expert period. Learn the material. You wanna pass the CHFI study what EC-Council would like you to understand.
Understand that in this test there are a lot of questions related to LAWS. You know, those things that can either convict or free someone.
Four years ago, while pregnant, Ms. Amero went to work one day as a substitute teacher and left with felony charges against her.
Her crime? Julie Amero was convicted of four felony counts, each count carrying a maximum of ten years, for exposing school children to pornography.
The substitute teacher didn’t know what to do to make them stop, so she was led away in handcuffs and convicted of felony charges carrying a maximum sentence of forty years in prison.
A number of computer security experts, led by software developer and blogger, Alex Eckelberry noticed serious technical errors were made throughout her trial. Mr. Eckelberry brought together a group of forensic investigators who volunteered to analyze the computer hard drive she was using in the classroom that day and published a report on their findings.
The group’s report ultimately caused Julie’s conviction to be overturned. Judge Hillary Strackbein overturned the unjust verdict in 2007 and ordered a new trial because of erroneous and false information given during the initial trial.
Thankfully there are GOOD forensics investigators out there. Those who’ve taken the time to learn to investigate. You know, that thing you do when you actually have to use your brain for a change
Mobile Forensics Link Note (http://mobileforensics.wordpress.com/bio/)
I was reading this blog as recommended from a friend who works at EnCase. I was performing an analysis of a Blackberry using Oxygen Forensics. After reading the blog and analyzing the procedures used by this former Sergeant Detective and “forensics” expert, I was sad and shocked to see more or less the same. Someone who seemed to perhaps have “read and memorized” a book.
As a forensics expert, everything has to be repeatable, taint free, cross-correlated and stand up in a court of law. Remember, you may need to prove that something happened on a machine (your job is not to see John Smith did this – your role is to present what occurred). The fuse that lit the bomb? I recommend making a working copy and a archive copy. Now reseal and store your exhibit. Think about this for a moment. This shouldn’t and ISN’T a recommendation. When you’re acquiring evidence, you follow the rules and procedures. There is no “recommending” making any copies of archives. These are 1) mandates 2) common sense. See my gripe here?
Imagine if the woman mentioned in the article were your mother, your sister, your wife. How would you feel if their life were entrusted to some shmoe taking exam dumps?
And this is not even to mention that after her very public arrest, the pregnant teacher suffered a miscarriage. Subsequently, Ms. Amero has been hospitalized because of declining health due to stress.
In March 2008 a $2,400 ad appeared in the Hartford Courant which was signed by 28 computer science professors arguing that Ms. Amero could not have controlled the pornographic pop-ups. Trial Detective Mark Lounsbury never checked for the presence of malware.
Go read the books. Understand what you’re doing or find another field. Don’t degrade and or devalue this certification.
August 31, 2010 at 7:58 pm #34803smorganParticipant
If you are looking for brain dumps, then I’m sorry I can’t help you. But if you are serious about getting CHFI certified, then I can help you. I work for Firebrand Training and we provide CHFI certification courses. We have many EC-Council awards for our work.
if you are looking for the self-study option, then I recommend you the following books:
The Official CHFI Study Guide (Exam 312-49): For Computer Hacking Forensic Investigator (Taschenbuch)
Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet (Gebundene Ausgabe)
Hope this helps and good luck
August 31, 2010 at 9:58 pm #34804
September 1, 2010 at 12:29 am #34805caissydParticipant
I agree with you guys. This may be the hardest thing to do in IT security. I believe you need a lot of experience in order to, like sil mentioned, play with people’s life.
But on the other hand, he did say:
I want to know the best way and materials to read in preparation for the exam
The key words are “the best way”. So thanks smorgan for helping him!
Like it’s been debated on this forum many times, certifications doesn’t you an expert (and I am the leaving proof of that! :P). But I believe it is a step in the good direction. If this his goal to be a forensic investigator, then he has to start somewhere!
And where to get good CHFI DUMPS
This wasn’t exactly the best quote of the forum… :-
September 1, 2010 at 2:17 am #34806impelseParticipant
I agree guys, It is amazing how I like this feel b ut sometimes I feel that I do not have some progress, like if I stuck in something until I get it well. But it is worth it
September 1, 2010 at 10:19 am #34807kabilaParticipant
I thank you all for your time . We learn everyday . I am very sorry if I did sound lazy by asking for dumps but I stand to be corrected any day because I am ready to learn.
Now what materials should I read and which topics should I concentrate more .
Please help me guys .
Warm shout out to all.
September 1, 2010 at 10:32 am #34808UNIXParticipant
smorgan already recommended two books to you, so you might take a look at those.
September 1, 2010 at 8:04 pm #34809Don DonzalKeymaster
Welcome to EH-Net. The feelings of the community have been pretty clearly stated. But let me take this opportunity to thank you for taking it the right way. Many would simply yell back or leave. You were strong enough to take the advice and move forward in a positive manner.
That kind of attitude is welcomed and encouraged.
Let us know how you like the recommended books.
September 1, 2010 at 9:15 pm #34810
And just as an FYI, again, my response was off-beat, but I’m hoping its enough to make some readers WANT to do things the right way. A dump makes you nothing more than a fraud at the end of the day. Remember, you’re supposed to be an SME (Subject Matter Expert) and in the forensics field, you may (often will) be called to testify. You wouldn’t want a fraud representing you if your life was on the line would you?
Anyhow, here is a quick list of books and my reasons for posting them:
1) Windows Forensic Analysis DVD Toolkit, Second Edition
A must have period. So I will quote someone to avoid re-writing a book-long response: “the chapters on Registry Analysis, File Analysis, Executable Analysis, and Rootkit Detection provide and build upon basic concepts that go beyond what is taught in beginning and intermediate computer forensics courses“
2) File System Forensic Analysis
I suggest reading Jose Nazario’s description of this book on the Amazon page. Nuff said
3) Computer Forensics Library Boxed Set
Bejtlich, Dan Farmer, Wietse, Carrier – If you don’t recognize these names, you’re in the wrong industry
4) The Official CHFI Study Guide
It’s EC-Council’s exam. If they say the sky is green, you better answer the sky is green. No matter how wrong they may be. This book will contain the majority of content they’ll put on the exam. Take note… There is knowing to pass the exam… And there is knowing for the sake of being an expert and understanding forensics as best as possible. I suggest getting the top three books listed and learning as much as you can from them. This includes either downloading trial software to run it, or finding replacements to accomplish the tasks.
Right now (this week to be exact) I had to go back and forth through using Mandiant’s Memoryze, First Response, “First on Scene”, RPIER, Red Curtain and a bucketload of other IR/Forensics tools to prep me for January. Do I *need* to… No. I *want* to because I need to understand how things flow/work and alternatives in the event I don’t have a specific tool at my disposal. Will I always be able to use foremost or FTK? I can never say yes, so I need to be aware of processes, procedures and how to perform them in as many different methods as I can think of. Remember, any evidence I were to put forward would need to be repeatable.
Some test takers may say something to the tune of: “no money for the books, etc.” and it’s understandable. If you’re on this site or any other site that’s similar, books like these are an investment when used properly. So invest in yourself because I can guarantee you, its rare that you will find someone else who will
Anyhow, time to go home 😉
September 1, 2010 at 10:37 pm #34811dynamikParticipant
Sil, quit it. I already have more books than I know what to do with 😉
September 2, 2010 at 2:34 am #34812
Sil, quit it. I already have more books than I know what to do with 😉
The first three are seriously must have books… I may or may not have posted it here before. I buy a lot of books from BestBargainBooks.com I have zero affiliation with them other than the fact I’m a customer. I’ve bough Cisco Press books as low as .01 (seriously) so I can vouch for them being on point:
Computer Forensics : Computer Crime Scene Investigation – Vacca … Another good book $6.63 … Come on now, I spend more than that on coffee in a day
Encase Computer Forensics The Official EnCE – If you use EnCase… $5.14
Worth spending even $20 on some of the security books they have there
September 2, 2010 at 2:53 am #34813dynamikParticipant
I’m just kidding. Those are already on my wish-list at Amazon.
I do shop the bargain sites, such as what you listed, half.com, Amazon’s used selection. I often spend more on shipping ($3.99) than the book itself. That’s why I have more books than what I know what to do with. Those are up next. I’m hitting up assembly and then moving on to Hacking: The Art of Exploitation and The Shellcoder’s Handbook. I need to de-noob myself 😉
October 13, 2010 at 11:00 pm #34814Silver535dParticipant
I need some help/advice,
I am a System admin with a MCSE 2003,
I am looking for a new direction in my career and was interested in the IT security area.
I am thinking of doing ECSA/LPT (CEH combined) or CHFI courses.
Can any one answer my questions below?
1) Is the ECSA/LPT, CEH ,CHFI recognised by the industry?
2) Are they sort after qualifications?
3) Once certified will find jobs for these skills?
4) Will I need to have any knowledge in any programming languages?
5) Am I going down the right path?
6) Can any one explain what a Penetration Tester does (other than the basics)
7) Will being a certified Hacker have any negativity?
I appreciate it if any one has any real world expertise in theses area’s to give me a heads up please.
- You must be logged in to reply to this topic.