Skip to main content

EC-Council: Digital Forensics Essentials (DFE)

Digital Forensics Essentials (DFE) is a first-of-its-kind MOOC certification that offers foundational knowledge and skills on digital forensics with add-on labs for hands-on experience.

Digital Forensics Essentials (DFE)
1 weeks
16–24 hours per week
Progress at your own speed
Optional upgrade available

There is one session available:

After a course session ends, it will be archivedOpens in a new tab.
Starts Feb 22

About this course

Skip About this course

The rapid evolution of computers has brought technical devices as an active weapon to criminals. Cybercriminals have enjoyed the pleasure of being able to combine a large array of complex technologies to be successful in their mission. Due to the complexity of the attack, investigating a crime in the cyber world has become increasingly difficult to do.

Computer forensics is the process of detecting hacking attacks and properly extracting evidence to report the crime and conducting audits to prevent the future attacks. It is used in different types of investigations like crime and civil investigation, corporate litigation, cybercrime etc. It plays a vital role in the investigation and prosecution of cybercriminals. It refers to a set of methodological procedures and techniques to identify, gather, preserve, extract, interpret, document, and present evidence from computing equipment so that the discovered evidence can be used during a legal and/or administrative proceeding in a court of law. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud.

Digital Forensics Essentials (DFE) is a security program covering the fundamental concepts of computer forensics. It equips students with the skills required to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in a court of law.

This program will give a holistic overview of the key components of computer forensics. It provides a solid fundamental knowledge required for a career in computer forensics.

Why is DFE Important?

§ It facilitates your entry into the world of computer forensics

§ It provides a professional understanding of the concepts of computer forensics

§ It enhances your skills as a Computer Forensics Specialist and increases your employability

At a glance

  • Institution: EC-Council
  • Subject: Computer Science
  • Level: Intermediate
  • Prerequisites:

    This program is ideal for IT professionals who are seeking to foray into the exciting world of cybersecurity. Cybersecurity enthusiasts and students will readily find the program interesting, challenging, and useful.

What you'll learn

Skip What you'll learn

Students going through DFE training will learn:

§ Key issues plaguing the computer forensics

§ Different types of digital evidence

§ Computer forensic investigation process and its phases

§ Different types of disk drives and file systems

§ Data acquisition methods and data acquisition methodology

§ Anti-forensics techniques and countermeasures

§ Volatile and non-volatile information gathering from Windows, Linux, and Mac Systems

§ Network forensics fundamentals, event correlation, and network traffic investigation

§ Web server logs and web applications forensics

§ Dark web forensics

§ Email crime investigation

§ Malware forensics fundamentals and different types of malware analysis

Module 01: Computer Forensics Fundamentals

This module discusses the role of computer forensics in today’s world.

Module 02: Computer Forensics Investigation Process

This module describes the different stages involved in the complete computer forensic investigation process and highlights the role of expert witnesses in solving a cybercrime case. It also outlines the importance of formal investigation reports presented in a court of law during a trial.

Module 03: Understanding Hard Disks and File Systems

This module provides insight into hard disks and file systems’ structure and behavior.

Module 04: Data Acquisition and Duplication

This module discusses the fundamental concepts of data acquisition and the various steps involved in the data acquisition methodology.

Module 05: Defeating Anti-forensics Techniques

This module outlines the fundamentals of anti-forensics techniques and elaborately discusses how forensic investigators can defeat them using various tools.

Module 06: Windows Forensics

This module discusses how to collect and examine forensic evidence related to incidents of cybercrime on Windows machines.

Module 07: Linux and Mac Forensics

This module discusses how to collect and examine evidence related to incidents of cybercrime on Linux and macOS–based machines.

Module 08: Network Forensics

This module discusses the methods of investigating network traffic to locate suspicious packets and identify indicators of compromise (IoCs) from the analysis of various log files.

Module 09: Investigating Web Attacks

This module discusses the procedure of web application forensics, various types of attacks on web servers and applications, and where to look for evidence during an investigation. Furthermore, it explains how to detect and investigate various types of web-based attacks.

Module 10: Dark Web Forensics

This module outlines the fundamentals of dark web forensics, describes the working of the Tor browser, and discusses steps to perform a forensic investigation of the Tor browser.

Module 11: Investigating Email Crimes

This module familiarizes you with the subject of email crimes and how they occur. It primarily focuses on the steps an investigator needs to follow in an email crime investigation.

Module 12: Malware Forensics

This module elaborately discusses the different types of malware, malware forensics fundamentals, and different types of malware analysis.

Who can take this course?

Unfortunately, learners residing in one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. edX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.

This course is part ofCybersecurity Essentials Professional Certificate Program

Learn more 
Expert instruction
3 skill-building courses
Progress at your own speed
1 month
16 - 24 hours per week

Interested in this course for your business or team?

Train your employees in the most in-demand topics, with edX For Business.