.

CHFI EXAM

<<

kabila

Newbie
Newbie

Posts: 2

Joined: Sun Aug 29, 2010 11:56 am

Post Mon Aug 30, 2010 7:11 am

CHFI EXAM

Greetings to all ,

did any just pass the CHFI EXAM. I want to know the best way and materials to read in preparation for the exam . And where to get good CHFI DUMPS.

Thanks ,

kabila
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Mon Aug 30, 2010 9:02 am

Re: CHFI EXAM

<intro>
While many are reading this, be advised, I need dumps too. See, I'm going to be a doctor and I'm going to place someone's life in my hands. I think I need to read and memorize some books for the sake of passing the exam therefore anyone who may have dumps on becoming a doctor, please post them. After memorizing the books and learning nothing, I think I will now go and place a life in my hands. Anyone want free surgery?
</intro>

If you have to pass an exam like this, why don't you move along to another field. Usually I don't post these kinds of responses but in a situation like this, it's unusually sickening to see how people view the industry and the profession of forensics. Forensics at its best will either convict or exonerate someone of a crime. I've seen personally the downsides of non-competent forensics investigators (http://mobileforensics.wordpress.com/bio/ [see note below on this]) - who often carry the weight of assisting in the conviction or exoneration of someone - not have a clue with *someone* in the end being affected in an adverse way.

If you're taking the exam for the sake of doing something other than taking forensics seriously, you're devaluing the certification for those of us who have passed the exam. Those of us who've taken the time to understand the field and respect OURSELVES enough to take pride in certain arenas.

I've dealt with many individuals in government, private industry, hobbyists and for those that I've seen and corresponded with when it comes to forensics are a prideful bunch. Nary a time I've seen anyone come out with "give me a dump" to make me an expert. I've had the opportunity to learn from some of the best in the industry throughout my years and have learned for the sake of understanding it. NOT for the sake of passing a cert.

A dump will not make you an expert period. Learn the material. You wanna pass the CHFI study what EC-Council would like you to understand.

http://www.ethicalhacker.net/component/ ... 2.msg9277/

Understand that in this test there are a lot of questions related to LAWS. You know, those things that can either convict or free someone.

Four years ago, while pregnant, Ms. Amero went to work one day as a substitute teacher and left with felony charges against her.

Her crime? Julie Amero was convicted of four felony counts, each count carrying a maximum of ten years, for exposing school children to pornography.

...

The substitute teacher didn't know what to do to make them stop, so she was led away in handcuffs and convicted of felony charges carrying a maximum sentence of forty years in prison.

...

A number of computer security experts, led by software developer and blogger, Alex Eckelberry noticed serious technical errors were made throughout her trial. Mr. Eckelberry brought together a group of forensic investigators who volunteered to analyze the computer hard drive she was using in the classroom that day and published a report on their findings.

The group's report ultimately caused Julie's conviction to be overturned. Judge Hillary Strackbein overturned the unjust verdict in 2007 and ordered a new trial because of erroneous and false information given during the initial trial.

http://www.huffingtonpost.com/kim-mance ... 45772.html


Thankfully there are GOOD forensics investigators out there. Those who've taken the time to learn to investigate. You know, that thing you do when you actually have to use your brain for a change

Mobile Forensics Link Note (http://mobileforensics.wordpress.com/bio/)
I was reading this blog as recommended from a friend who works at EnCase. I was performing an analysis of a Blackberry using Oxygen Forensics. After reading the blog and analyzing the procedures used by this former Sergeant Detective and "forensics" expert, I was sad and shocked to see more or less the same. Someone who seemed to perhaps have "read and memorized" a book.

As a forensics expert, everything has to be repeatable, taint free, cross-correlated and stand up in a court of law. Remember, you may need to prove that something happened on a machine (your job is not to see John Smith did this - your role is to present what occurred). The fuse that lit the bomb? I recommend making a working copy and a archive copy. Now reseal and store your exhibit. Think about this for a moment. This shouldn't and ISN'T a recommendation. When you're acquiring evidence, you follow the rules and procedures. There is no "recommending" making any copies of archives. These are 1) mandates 2) common sense. See my gripe here?

Imagine if the woman mentioned in the article were your mother, your sister, your wife. How would you feel if their life were entrusted to some shmoe taking exam dumps?

And this is not even to mention that after her very public arrest, the pregnant teacher suffered a miscarriage. Subsequently, Ms. Amero has been hospitalized because of declining health due to stress.

In March 2008 a $2,400 ad appeared in the Hartford Courant which was signed by 28 computer science professors arguing that Ms. Amero could not have controlled the pornographic pop-ups. Trial Detective Mark Lounsbury never checked for the presence of malware.

http://www.huffingtonpost.com/kim-mance ... 45772.html


Go read the books. Understand what you're doing or find another field. Don't degrade and or devalue this certification.
Last edited by sil on Mon Aug 30, 2010 9:04 am, edited 1 time in total.
<<

smorgan

Newbie
Newbie

Posts: 4

Joined: Thu Apr 23, 2009 8:58 am

Location: London

Post Tue Aug 31, 2010 2:58 pm

Re: CHFI EXAM

If you are looking for brain dumps, then I'm sorry I can't help you.  But if you are serious about getting CHFI certified, then I can help you.  I work for Firebrand Training and we provide CHFI certification courses.  We have many EC-Council awards for our work.

if you are looking for the self-study option, then I recommend you the following books:

The Official CHFI Study Guide (Exam 312-49): For Computer Hacking Forensic Investigator (Taschenbuch)
ISBN: 9781597491976

Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet (Gebundene Ausgabe)
ISBN: 9780121631048

Hope this helps and good luck
Sarah
<<

ants

Newbie
Newbie

Posts: 25

Joined: Sun Mar 15, 2009 8:51 am

Location: Ireland

Post Tue Aug 31, 2010 4:58 pm

Re: CHFI EXAM

@sil
sil wrote:Those of us who've taken the time to understand the field and respect OURSELVES enough to take pride in certain arenas.


Excellent post - thanks
CEH, GPEN, GCFW
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Aug 31, 2010 7:29 pm

Re: CHFI EXAM

I agree with you guys. This may be the hardest thing to do in IT security. I believe you need a lot of experience in order to, like sil mentioned, play with people's life.

But on the other hand, he did say:
I want to know the best way and materials to read in preparation for the exam

The key words are "the best way". So thanks smorgan for helping him!

Like it's been debated on this forum many times, certifications doesn't you an expert (and I am the leaving proof of that!  :P). But I believe it is a step in the good direction. If this his goal to be a forensic investigator, then he has to start somewhere!

But:
And where to get good CHFI DUMPS

This wasn't exactly the best quote of the forum...  :-\
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Tue Aug 31, 2010 9:17 pm

Re: CHFI EXAM

I agree guys, It is amazing how I like this feel b ut sometimes I feel that I do not have some progress, like if I stuck in something until I get it well. But it is worth it
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

kabila

Newbie
Newbie

Posts: 2

Joined: Sun Aug 29, 2010 11:56 am

Post Wed Sep 01, 2010 5:19 am

Re: CHFI EXAM : I LIKE COORECTIONS

I thank you all for your time . We learn everyday . I am very sorry if I did sound lazy by asking for dumps but I stand to be corrected any day because I am ready to learn.

Now what materials should I read and which topics should I concentrate more .

Please help me guys .

Warm shout out to all.

Kabila
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Sep 01, 2010 5:32 am

Re: CHFI EXAM

smorgan already recommended two books to you, so you might take a look at those.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Sep 01, 2010 3:04 pm

Re: CHFI EXAM

Hey kabila,

Welcome to EH-Net. The feelings of the community have been pretty clearly stated. But let me take this opportunity to thank you for taking it the right way. Many would simply yell back or leave. You were strong enough to take the advice and move forward in a positive manner.

That kind of attitude is welcomed and encouraged.

Let us know how you like the recommended books.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Sep 01, 2010 4:15 pm

Re: CHFI EXAM

And just as an FYI, again, my response was off-beat, but I'm hoping its enough to make some readers WANT to do things the right way. A dump makes you nothing more than a fraud at the end of the day. Remember, you're supposed to be an SME (Subject Matter Expert) and in the forensics field, you may (often will) be called to testify. You wouldn't want a fraud representing you if your life was on the line would you?

Anyhow, here is a quick list of books and my reasons for posting them:

1) Windows Forensic Analysis DVD Toolkit, Second Edition
http://www.amazon.com/Windows-Forensic- ... pd_sim_b_3

A must have period. So I will quote someone to avoid re-writing a book-long response: "the chapters on Registry Analysis, File Analysis, Executable Analysis, and Rootkit Detection provide and build upon basic concepts that go beyond what is taught in beginning and intermediate computer forensics courses"

--------

2) File System Forensic Analysis
http://www.amazon.com/System-Forensic-A ... =pd_cp_b_3

I suggest reading Jose Nazario's description of this book on the Amazon page. Nuff said

--------

3) Computer Forensics Library Boxed Set
http://www.amazon.com/Computer-Forensic ... d_sim_b_14

Bejtlich, Dan Farmer, Wietse, Carrier - If you don't recognize these names, you're in the wrong industry

--------

4) The Official CHFI Study Guide
http://www.amazon.com/Official-CHFI-Stu ... 1597491977

It's EC-Council's exam. If they say the sky is green, you better answer the sky is green. No matter how wrong they may be. This book will contain the majority of content they'll put on the exam. Take note... There is knowing to pass the exam... And there is knowing for the sake of being an expert and understanding forensics as best as possible. I suggest getting the top three books listed and learning as much as you can from them. This includes either downloading trial software to run it, or finding replacements to accomplish the tasks.

Right now (this week to be exact) I had to go back and forth through using Mandiant's Memoryze, First Response, "First on Scene", RPIER, Red Curtain and a bucketload of other IR/Forensics tools to prep me for January. Do I *need* to... No. I *want* to because I need to understand how things flow/work and alternatives in the event I don't have a specific tool at my disposal. Will I always be able to use foremost or FTK? I can never say yes, so I need to be aware of processes, procedures and how to perform them in as many different methods as I can think of. Remember, any evidence I were to put forward would need to be repeatable.

Some test takers may say something to the tune of: "no money for the books, etc." and it's understandable. If you're on this site or any other site that's similar, books like these are an investment when used properly. So invest in yourself because I can guarantee you, its rare that you will find someone else who will

Anyhow, time to go home  ;)
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Sep 01, 2010 5:37 pm

Re: CHFI EXAM

Sil, quit it. I already have more books than I know what to do with ;)
The day you stop learning is the day you start becoming obsolete.
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Sep 01, 2010 9:34 pm

Re: CHFI EXAM

dynamik wrote:Sil, quit it. I already have more books than I know what to do with ;)


The first three are seriously must have books... I may or may not have posted it here before. I buy a lot of books from BestBargainBooks.com I have zero affiliation with them other than the fact I'm a customer. I've bough Cisco Press books as low as .01 (seriously) so I can vouch for them being on point:

Computer Forensics : Computer Crime Scene Investigation - Vacca ... Another good book $6.63 ... Come on now, I spend more than that on coffee in a day
http://www.bestbargainbook.com/index.ph ... mid=342948

Encase Computer Forensics The Official EnCE - If you use EnCase... $5.14
http://www.bestbargainbook.com/index.ph ... emid=69185

Worth spending even $20 on some of the security books they have there
http://www.bestbargainbook.com/index.ph ... icatid=259
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Sep 01, 2010 9:53 pm

Re: CHFI EXAM

I'm just kidding. Those are already on my wish-list at Amazon.

I do shop the bargain sites, such as what you listed, half.com, Amazon's used selection. I often spend more on shipping ($3.99) than the book itself. That's why I have more books than what I know what to do with. Those are up next. I'm hitting up assembly and then moving on to Hacking: The Art of Exploitation and The Shellcoder's Handbook. I need to de-noob myself ;)
The day you stop learning is the day you start becoming obsolete.
<<

Silver535d

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Oct 13, 2010 5:23 pm

Post Wed Oct 13, 2010 6:00 pm

Re: CHFI EXAM

Hey,

I need some help/advice,

I am a System admin with a MCSE 2003,

I am looking for a new direction in my career and was interested in the IT security area.

I am thinking of doing ECSA/LPT (CEH combined) or CHFI courses.
Can any one answer my questions below?


1) Is the ECSA/LPT, CEH ,CHFI recognised by the industry?
2) Are they sort after qualifications?
3) Once certified will find jobs for these skills?
4) Will I need to have any knowledge in any programming languages?
5) Am I going down the right path?
6) Can any one explain what a Penetration Tester does (other than the basics)
7) Will being a certified Hacker have any negativity?

I appreciate it if any one has any real world expertise in theses area’s to give me a heads up please.

Thanks
Silver-535d

Return to CHFI - Computer Hacking Forensic Investigator

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software