Course essentials
Boot camp at a glance
-
Method
Live online, in-person or team onsite
-
Duration
7 days
-
Experience
1-3 years
-
Average salary
$75,000
What you'll learn
Training overview

This immersive computer forensics training prepares you to pass the Certified Computer Forensics Examiner (CCFE) and Certified Mobile Forensics Examiner (CMFE) exams, which cover the nine domains related to the computer forensics evidence recovery and analysis process, and the five domains related to performing the mobile forensics process on different types of mobile devices. You’ll learn:
- How to identify evidence: Gain the skills to identify, preserve, extract, analyze and report forensic evidence on computers and mobile devices.
- An understanding of evidence locations: Learn about the variations in evidence locations and examination techniques across operating systems, including Windows, Linux, Android, iOS, and Windows phones.
- Hands-on skills: Engage in practical exercises that simulate real-world attack scenarios, allowing you to practice threat hunting and develop the ability to analyze logs, capture memory dumps, and search for malware activity. Capture-the-flag (CTF) exercises allow you to test your new forensics skills.
- Certification preparation: Prepare for the Certified Computer Forensics Examiner (CCFE) and Certified Mobile Forensics Examiner (CMFE) certifications, validating your expertise in computer and mobile forensics.
Award-winning training you can trust
What's included
Everything you need to know

- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
- Onsite proctoring of exam
- Pre-study learning path
- Unlimited practice exam attempts
Before your boot camp
Prerequisites
Prior to enrolling in the Computer and Mobile Forensics Training Boot Camp, you must have:
- No criminal record
- Basic computer skills, including the ability or desire to work outside the Windows GUI interface. We recommend A+ certification and/or similar training and experience, though they are not required.
This in-depth technical training course is not intended for individuals with limited or no computer skills.
Syllabus
Training schedule
Day 1
Introduction
- Computer forensics and investigation as a profession
- Define computer forensics
- Describe how to prepare for computer investigations and explain the difference between law enforcement agency and corporate investigations
- Explain the importance of maintaining professional conduct
Digital evidence — legal issues
- Identifying digital evidence
- Evidence admissibility
- Federal rules of evidence
- Daubert standard
- Discovery
- Warrants
- What is seizure?
- Consent issues
- Expert witness
- Roles and responsibilities
- Ethics
- (ISC)²
- AAFS
- ISO
Investigations
- Investigative process
- Chain of custody
- Incident response
- E-discovery
- Criminal vs. civil vs. administrative investigations
- Intellectual property
- Reporting
- Quality control
- Evidence management
- Current computer forensics tools and hardware
Optional group & individual study
Schedule may vary from class to class
Day 2
Forensic science fundamentals
- Principles and methods
- Forensic analysis process
Hardware
- Storage media
- Operating system
File systems
- File systems
- Erased vs. deleted
- Live forensics
Optional group & individual study
Schedule may vary from class to class
Day 3
File and operating system forensics
- Keyword searching
- Metadata
- Timeline analysis
- Hash analysis
- File signatures
- Volume Shadow Copies
- Time zone issues
- Link files
- Print spool
- Deleted files
- File slack
- Damaged media
- Registry forensics
- Multimedia files
- Compound files
Web and application forensics
- Common web attack vectors
- Browser artifacts
- Email investigations
- Messaging forensics
- Database forensics
- Software forensics
- Malware analysis
Optional group & individual study
Schedule may vary from class to class
Day 4
Network forensics
- TCP/IP
- Types of attacks
- Wired vs. wireless
- Network devices forensics
Packet analysis
- OS utilities
- Network monitoring tools
Anti-forensics
- Hiding
- Steganography
- Packing
- Hidden devices (NAS)
- Tunneling/Onion routing
- Destruction
- Spoofing
- Log tampering
- Live operating systems
Optional group & individual study
Optional group & individual study
Day 5
New & emerging technology
- Legal issues (privacy, obtaining warrants)
- Social networks forensics
- Types of social networks
- Types of evidence
- Collecting data
- Virtualization
- Virtualization forensics
- Use of virtualization in forensics
- Cloud forensics
- Types of cloud services
- Challenges of cloud forensics
- Big data
- Control systems and IOT
Mobile forensics introduction
- Types of devices
- GPS
- Cell phones
- Tablets
- Vendor and carrier identification
- Obtaining information from cellular provider
- GSM vs. CDMA
- Common tools and methodology
Take CCFE exam
Optional group & individual study
Optional group & individual study
Schedule may vary from class to class
Day 6
Mobile forensics process
- Mobile forensics challenges
- Types of evidence found on mobile devices
- Collecting mobile devices at the scene
- Comparison of mobile operating systems
- Data acquisition methods
- Reporting findings
Android forensics
- Android platform
- Android security model
- Bypassing Android security features
- Android logical data acquisition and analysis
- Android physical data acquisition
Optional group & individual study
Optional group & individual study
Schedule may vary from class to class
Day 7
iOS forensics
- Apple iOS platform
- iOS security
- Bypassing iOS security features
- iOS data acquisition and analysis
- iPhone/iCloud backups
- iOS data recovery techniques
Windows phones
- Windows Phone OS: partitions and filesystems
- Windows Phone security features
- Windows Phone logical acquisition and analysis
- Windows 10 mobile OS forensics
Feature phones forensics
- Acquiring and examining data from feature phones
Take CMFE exam
Schedule may vary from class to class
Guaranteed results
Our boot camp guarantees

Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

FAQ
Frequently asked questions
What is computer forensics?
Computer forensics is a branch of digital forensic science that involves the identification, preservation, extraction, analysis and reporting of digital evidence from computers and other digital devices. It is crucial for investigating cybercrimes and gathering evidence for legal proceedings.
How can I start learning computer forensics or become a computer forensics professional?
This Computer and Mobile Forensics Training Boot Camp is a great way to upgrade your forensics skills and validate your expertise to employers. A solid understanding of technology is helpful for all digital forensics professionals, and certifications like CompTIA’s A+ and Network+ are great options to build that foundation.
What is the importance of certifications in computer and mobile forensics?
Certifications in computer and mobile forensics validate your knowledge and skills in the field, demonstrating your competence and commitment to the profession. They serve as a benchmark for employers and clients, assuring them of your ability to conduct forensic investigations, handle digital evidence and follow industry best practices. Certifications like the CCFE and CMFE are industry recognized and can enhance your career opportunities in the cybersecurity and digital forensic domains.
How long is the certification valid, and what are the renewal requirements?
The CCFE and CMFE certifications from Infosec are valid for four years. To renew the certification, you’ll need to retake the current certification exam at no cost to you.
What are the career opportunities and job titles for certified computer and mobile forensics professionals?
Certified Computer and Mobile Forensics professionals can pursue various career paths in the cybersecurity and digital forensic fields. Some common job titles include:
- Computer forensics analyst
- Digital forensics investigator
- Cybersecurity consultant
- Incident response analyst
- Forensic lab technician
- Law enforcement officer specializing in digital investigations
- IT security specialist
You could help play a crucial role in organizations, law enforcement agencies, cybersecurity firms and consulting companies, where your new-found expertise is required to investigate cybercrimes, analyze digital evidence and ensure the security of digital systems.
You're in good company
I have never had a better experience in any previous training. The instructor gave the information needed for the test and also shared his real-world experience to bring it together. I would not hesitate recommending this class to anyone interested in CEH.
Chris Young, Maintech
I thoroughly enjoyed the Ethical Hacking class. I would venture to say it is one of the best technical classes I have ever attended. I feel very confident that I will be able to take my learning experience and be better able to defend our company assets.
Jeremy Kicklighter, ACI Worldwide
The course materials were excellent. The class format was fantastic. The instructor not only prepared us for the examination but also spent a considerable amount of time in learning practical skills for the real world.
Stephen Field, Thomas Compliance Associates, Inc.
Enroll in a boot camp
Explore our top boot camps
More learning opportunities
-
Most popularBoot camp
CompTIA Security+ Training Boot Camp
Infosec’s CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You’ll learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Learn More
-
#1 FOR BEGINNERSBoot camp
Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification
Infosec’s authorized CCNA Dual Certification Boot Camp helps you build your knowledge of networking and provides hands-on experience installing, configuring and operating network devices — all while preparing you to earn two Cisco certifications.
Learn More
-
Most requestedBoot camp
(ISC)² CISSP® Certification Training and Boot Camp
Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec’s CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.
Learn More