The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator [Paperback]

Dave Kleiman (Author), Craig Wright (Author), Jesse "James" Varsalone (Author), Timothy Clinton (Author), Michael Gregg (Author)

Book Description

Publication Date: October 8, 2007 | ISBN-10: 1597491977 | ISBN-13: 978-1597491976 | Edition: 1

This is the only official, EC-Council-endorsed CHFI (Computer Hacking Forensics Investigator) study guide. It was written for security professionals, systems administrators, IT consultants, legal professionals, IT managers, police and law enforcement personnel studying for the CHFI certification, and professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence to prosecute. Key features include:

. The Only Official Study Guide for CHFI
Provides 100% coverage of all exam objectives.
. Full Web-based Exam
Modeled after the real exam, it also includes explanations of correct and incorrect answers.
. Exam Objectives
Each is clearly explained at the beginning of the chapter.
. Notes and Alerts
Highlight crucial points of the exam modules.
. Exam Objectives Fast Track
Bulleted highlights emphasize the important points from the exam's perspective at the end of the chapter.
. Key Terms
All concepts are defined and explained as they appear.
. Exam Objectives Frequently Asked Questions
Test what you have learned by reading FAQs based on the material covered in the chapter. Log on to the Syngress Web site to access review questions based on the exam.

Editorial Reviews

About the Author

Dave Kleiman (CAS, CCE, CIFI, CISM, CISSP, ISSAP, ISSMP, MCSE) has worked in the Information Technology Security sector since 1990. Currently, he is the owner of SecurityBreachResponse.com, and is the Chief Information Security Officer for Securit-e-Doc, Inc. Before starting this position, he was Vice President of Technical Operations at Intelliswitch, Inc., where he supervised an international telecommunications and Internet service provider network. Dave is a recognized security expert. A former Florida Certified Law Enforcement Officer, he specializes in computer forensic investigations, incident response, intrusion analysis, security audits, and secure network infrastructures. He has written several secure installation and configuration guides about Microsoft technologies that are used by network professionals. He has developed a Windows Operating System lockdown tool, S-Lok (www.s-doc.com/products/slok.asp ), which surpasses NSA, NIST, and Microsoft Common Criteria Guidelines. Dave was a contributing author to Microsoft Log Parser Toolkit (Syngress Publishing, ISBN: 1-932266-52-6). He is frequently a speaker at many national security conferences and is a regular contributor to many security-related newsletters, Web sites, and Internet forums. Dave is a member of several organizations, including the International Association of Counter Terrorism and Security Professionals (IACSP), International Society of Forensic Computer Examiners® (ISFCE), Information Systems Audit and Control Association® (ISACA), High Technology Crime Investigation Association (HTCIA), Network and Systems Professionals Association (NaSPA), Association of Certified Fraud Examiners (ACFE), Anti Terrorism Accreditation Board (ATAB), and ASIS International®. He is also a Secure Member and Sector Chief for Information Technology at The FBI's InfraGard® and a Member and Director of Education at the International Information Systems Forensics Association (IISFA).

Product Details

• Paperback: 960 pages
• Publisher: Syngress; 1 edition (October 8, 2007)
• Language: English
• ISBN-10: 1597491977
• ISBN-13: 978-1597491976
• Product Dimensions: 9.2 x 7.6 x 2.4 inches
• Shipping Weight: 3.6 pounds (View shipping rates and policies)
• Average Customer Review: 3.8 out of 5 stars  See all reviews (10 customer reviews)
• Amazon Best Sellers Rank: #697,033 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

12 of 14 people found the following review helpful:

1.0 out of 5 stars Sloppy, Sloppy, Sloppy, May 28, 2008

By 

Lumpus "Music nerd" (East Coast, USA) - See all my reviews

This review is from: The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator (Paperback)

Rarely have I seen less information in so many pages. This book is poorly organized, riddled with inaccuracies and typos, and appears hopelessly outdated in many cases. (Frequent references to floppy disks and MS-DOS make me wonder where these authors have been since, oh, 1994).

Here's a clear example of the slovenliness of the book and its editors. The summary of the "PDA, Blackberry, and iPod Forensics" chapter contains no reference to the iPod. Obviously, the iPod section was added later, and no one thought to update the summary section.

Here's another example. The "PDA Investigative Tips" section advises the would-be investigator to leave the device in the "off" state, then immediately "switch on the device". Apparently, switching the device on leaves it in the off state. The book is full of nonsense like this.

The final straw for me, though, is the beginning of Chapter 13, which purports to examine forensic tools (hardware and software). The author of this chapter openly states that the chapter is "heavily based on the assertions of the vendors who make the products." In other words, they just slapped together a bunch of sales literature, and are not providing any real-world experience with, or observations of, the products. Well, at least they're honest about their laziness and lack of experience.

I have worked in the IT field for over 25 years now, and I have read many, many technical and instructional books. This is definitely one of the worst. Buy something else if you want to learn about forensics. I recommend "File System Forensic Analysis", by Brian Carrier.

6 of 6 people found the following review helpful:

4.0 out of 5 stars Excellent resource and guide, November 2, 2008

By 

Bill Wynne (Coarsegold, CA) - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator (Paperback)

I purchased this book in August as one of the pieces for my self training for the computer forensics discipline. I purchased it with the intent of downloading the PDF version and putting it on my Amazon Kindle so I could easily carry the book with me. I've been very satisfied with the content, especially the numerous links to related material. Mr. Kleiman brought together a group of people each of whom made a significant contribution to an excellent product.

As one reviewer has noted, there are weaknesses, especially in the proofreading and editing. This reflects on the publisher rather than the author as I'll detail below this. I can easily get past those weaknesses because this isn't a literary work.

As it turns out, the weaknesses were not caused by Mr. Kleiman or the other contributors to the book. In the process of acquiring the PDF that was to be included in the purchase price I learned that Syngress has been having problems, probably financially based, for quite some time. This resulted in delivering products that had not been fully prepared as was the case with this book. Mr. Kleiman as an author submitted in good faith a book to be proofread, edited and published. He provided content that easily justified the price of the book and expected Syngress to fine tune the product before releasing it.

Several days after purchasing the book I made my first of several attempts to contact Syngress and download my promised PDF copy. After several phone calls and emails I realized I was wasting my time. I then sent an email to David Kleiman and at about the same time I learned that Syngress had closed their doors and was being taken over by Elsevier. Mr. Kleiman and I exchanged emails for a month or so as he worked with the kind folks at Elsevier to get the PDF to me. About a week ago I received an email from Mr. Kleiman stating that the PDF would be available to me soon. Shortly after that I received an email from Elsevier telling me how to download the PDF. I did that and I now have it on my Kindle and can access it at any time as I originally planned. I find it to be an excellent resource and well worth the purchase price and the time spent reading it.

I commend David Kleiman and Elsevier for doing what's right.

4 of 4 people found the following review helpful:

5.0 out of 5 stars Exactly what i wanted, April 18, 2008

By 

E. Steward "Erica S." (New York, NY) - See all my reviews
(REAL NAME)   

This review is from: The Official CHFI Study Guide (Exam 312-49): for Computer Hacking Forensic Investigator (Paperback)

Im currently enrolled to go to school for computer forencsics, however i dont start until september i wanted a book to jumpstart me in the field before i start classes to get familiar with the subject. I wanted a study guide to teach me the basics and i couldnt have gotten a better book. The Official CHFI study guide is exactly what i wanted and needed and now im more excited then ever to start classes in the fall. Very satisfied with my purchase.