Certified Professional Forensic Analyst (CPFA)

Best Practices for Forensic Analysis

The term cyber-crime no longer refers only to hackers and other external attackers. Almost all every case of financial fraud or employee misuse involves a very strong element of computer-based evidence. NII Consulting has been providing professional computer forensics, cyber breach investigation, incident detection and response services to clients for more than 5 years. It now brings together its consolidated expertise into a four-day hands-on training on Certified Professional Forensic Analyst (CPFA).The entire workshop is driven by hands-on exercises and case studies to ensure that all aspects have a real-life scenario-based approach.

Key Benefits of course

This program addresses the key questions of:

  • What should one do when there is a suspicion of a computer-based crime?
  • What tools and techniques are most likely to yield the right set of clues?
  • Demonstration with the worlds’ leading forensics tool – Encase

Who should attend this course?

  • Auditors and financial fraud examiners
  • Chief Security Officers and Chief Technology Officers
  • Professionals seeking a career in computer forensics and cyber crime investigations
  • Security and Network Administrators

Course Contents

  • Hacking Incidents
  • Financial Theft
  • Theft of Identity
  • Corporate Espionage
  • Email Misuse
  • Pornography
  • Pre-Incident Preparation
  • Detection of Incidents
  • Initial Response Phase
  • Preserving “Chain of Custody”
  • Response Strategy Formulation
  • Evidence Collection and Analysis
    • Defining Evidence
    • Forensically Sound Evidence Collection
    • Evidence Handling
    • Host Vs Network Based Evidence
    • Online Vs Offline Response
  • Digital Forensics - Putting on the Gloves
    • The 6 A's
    • The Investigative Guidelines
    • Disk-based Forensics Vs Network-based Forensics
  • Reporting the Investigation
  • Network Devices
  • Introduction to Log Analysis
  • Analyzing Snort and Firewall Logs
  • Analyzing Apache, IIS, Squid Logs
  • Network Intrusion Case Study
  • Using Tcpdump, Snort, Tcpdstat, argus, tcpflow, tcptrace
  • The Do’s and the Don’ts
  • Windows Live Response
  • Linux Live Response
  • Learning the rope – the essentials
  • Risk Imaging using Linux ( dd, sdd, dcfldd) and Netcat
  • Disk Imaging using Encase, Helix Bootable disk
  • Analysis using Helix
  • Basic and advanced analysis using Encase v5 Forensic edition
  • Understanding Browser history artifacts
  • Browser Forensics
    • Using Encase
    • Using Netanalysis, WebHistorian
  • Understanding Registry structure
  • Understanding MRU lists
  • Understanding UserAssist
  • Registry Forensics using ENCASE
  • Using IDA freeware
  • Using strings.exe
  • Using BinText
  • Using Regmon, Tcpmon
  • Using Peid
  • Encase Forensic edition
  • Helix Bootable CD
  • The Coroner’s Toolkit
  • Tcpdump
  • Snort
  • Tcpdstat
  • Argus
  • Tcpflow
  • Tcptrace
  • Ethereal
  • Neotrace
  • Smartwhois
  • Peid
  • NetAnalysis
  • Web Historian
  • Bintext
  • IDA freeware


This training is very much relevant to my job of cyber forensics. Now, I can streamline & substantially increase the quality of cyber forensics investigation in my organization.
Manish Bhattarai, Deputy Controller
This training is related training for our official objective. It is also helpful & easy to do my job in my office.
Narayan Lal Pakwon, Section Officer
Dear Rutuja, Rashmi & Sanoop,
Thank you for the support provided.
The administration of this course is done very professionally and it shows how concerned each one of you are about the students welfare.
This is something that I personally appreciate.
Thanks. :-)
Marsh Miranda, Software Engineer, DST Worldwide

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content