Computer forensics is a severe IT Stream, and professional and certified professionals are in excessive demand. But Computer forensics certifications stay one thing of a wild frontier. From two dozen obtainable credentials, we checklist the five finest choices. As we speak, there's a considerable variety of out there, high-quality certification packages that concentrate on digital investigations and computer forensics. Nonetheless, there are additionally certifications and packages which might be far much less clear, comprehensive and broadly recognized.
What's creating this demand for brand spanking new packages in computer forensics? Contemplate the following:
After some years, cyber crime continues to be a dangerous progress area. As new cyber crimes get reported, further investigations and certified investigators are wanted. That is excellent news for regulation enforcement and private researchers who specialize in computer forensics.
There is an excessive demand for certified computer forensics professionals as almost each police division is in want of an educated candidate with appropriate credentials. Whereas the precise outcomes differ from daily (and job board to job board), Table 1 offers you a concept of the variety of computer forensic jobs with particular certification necessities.
CHFI: Computer Hacking Forensic Investigator V8
The International Council of E-Commerce Consultants also called EC-Council is a widely known coaching and certification group that focuses on the areas of anti-hacking, computer forensics and penetration testing. The Computer Hacking Forensic Investigator (CHFI) V9 certification emphasizes forensics instruments, analytical strategies, and procedures concerned with acquiring, sustaining and presenting computer forensic proof and information in a courtroom of regulation.
The CHFI course runs for five days and covers a variety of matters and instruments (an in-depth course description is out there). It embodies a complete cyber crime overview, comprehensive protection of the computer forensics investigation course. It includes search and seizure of information systems, working with digital proof, incident dealing with and first responder procedures. It also includes gathering risky and non-volatile information from a Home windows computer, recovering deleted information and partitions from Windows, Macintosh, and Linux programs, utilizing Access Data Forensic Toolkit (FTK) and EnCase instruments, steganography and steganalysis, picture file forensics. Further, it includes password cracking, logs capturing devices and strategies, investigating community site visitors, wireless assaults, Internet assaults and e-mail crimes. Courseware is obtainable, in addition to instructor-led classroom coaching.
The EC-Council additionally provides credentials in associated areas comparable to disaster recovery, encryption, community protection structure and the like. Go to the EC-Council site for extra data on these widespread and revered credentials.
CFCE: Certified Forensic Computer Examiner
The International Association of Computer Investigative Specialists (IACIS) is the group behind the Certified Forensic Computer Examiner (CFCE) credential. This group caters primarily to regulation enforcement personnel. However, the group additionally provides an affiliate membership to retired law enforcement officials and full-time contractors to law-enforcement organizations.
Earning the CFCE requires going through a two-step testing course of that features a peer evaluation and CFCE certification testing. The peer assessment consists of accepting and finishing 4 assigned practical issues based mostly on core data and expertise areas for the credential. These have to be solved, after which introduced to a mentor for preliminary analysis before being presented for peer evaluation. Candidates have 30 days to finish every of the practical issues. Upon successful conclusion of the peer assessment, candidates are allowed to progress to the certification section, throughout which candidates work independently to research and report on a forensic picture of a desperate drive offered to them. Forty days are allowed to finish the exhausting drive sensible drawback. Following particular directions, a written report is ready to the document the candidate’s actions and findings.
Before making an attempt to acquire the CFCE credential, candidates should possess at the least 72 hours of coaching targeted on CFCE core competencies. Regardless of the time and expense concerned in earning a CFCE, this credential enjoys excessive worth and glorious title recognition within the computer forensics subject. Many forensics professionals contemplate the CFCE to be an obligatory "advantage badge" to earn, particularly for individuals who work in or for regulation enforcement.
CCE: Certified Computer Examiner
The Certified Computer Examiner (CCE) comes from the Worldwide Society of Forensic Computer Examiners, often known as ISFCE.
It's properly acknowledged within the trade and within the legislation enforcement neighborhood as a number one credential for laptop forensics professionals. Personal-sector holders normally embody safety officers and managers, IT directors or administrators, security or forensics consultants, programs and information security analysts and investigators, and even some legal professionals and human assets managers. Regulation enforcement holders often function forensic investigators, analysts or technicians and conduct official investigations to analysis or prosecute computer crimes.
The CCE BootCamp coaching course runs for five days within the classroom (or 40 hours of on-line or self-paced supplies). Some licensed coaching organizations provide the course, which prices $2,995 USD; regulation enforcement, authorities, Navy, and educators could obtain a $200 low cost. On-line or self-paced variations could also be considerably inexpensive, however, do not all the time ship direct teacher contact.
CSFA: Cyber Security Forensic Analyst
The Cyber Security Institute in Monroe, Washington supplies computer forensic companies geared toward regulation corporations, businesses and people, and administers a small however well-respected certification program. Info safety and forensics programs can be found utilizing the Cyber Security Academy, the Institute’s coaching wing.
The Institute administers a one-time certification the Cyber Security Forensic Analyst, or CSFA designed for security professionals with a minimum of two years of expertise performing the digital forensic evaluation on computer systems and units working the Home computers working the system and creating investigative stories. Candidates should additionally totally perceive the principles of proof, preserve a sequence of custody and many authorized processes and paperwork associated with forensic investigations (affidavits, declarations, subpoenas and so forth).
As soon as certification is achieved, it should be maintained attending digital forensics or info security coaching programs (80 class hours, minimal) and conducting 4 or more digital forensic examinations.
GCFA And GCFE Certifications
SANS is the group behind the Global Information Assurance Certification (GIAC) program, and is a well-respected and extremely regarded participant within the info safety subject on the whole. SANS not solely teaches and researches on this space, it additionally gives breaking information, operates a safety alert service and serves on every kind of presidency, analysis, and educational info security job forces, working teams and business organizations.
Each GCFE and GCFA deal with computer forensics within the context of investigation and incident response, and thus additionally give attention to the talents and information wanted to gather and analyze information from Home windows and Linux computer techniques in the middle of such actions. Candidates should possess the crucial abilities, knowledge and skill to conduct formal incident investigations and superior event dealing with, together with coping with internal and external information breaches, intrusions and excellent persistent threats, understanding anti-forensic strategies, and constructing and documenting superior digital forensic instances.
Other Forensics Certifications
Beyond the top 5 forensics certifications listed in this article, many different certification packages may assist to additional the careers of IT professionals who work in computer forensics.
Specifically, the Professional Certified Investigator (PCI), a senior-level, vendor-neutral computer investigations and forensics credential, is accessible via ASIS Worldwide. The group additionally provides the Certified Protection Professional (CPP), which incorporates a part of inquiry, and the Physical Security Professional (PSP) in its certification program. Forensics candidates also can pursue one of many High Tech Crime Network vendor-neutral certifications the Certified Computer Crime Investigator or Certified Computer Forensic Technician each of which have a Fundamental and a Superior credential.
And for those who go searching on-line, you may discover quite a few different forensics hardware and software program distributors that supply certifications. However earlier than you wander outdoors the objects already talked about in this article, you would possibly wish to analysis the sponsoring group's historical past. Analyze and the number of people they've earned its credentials, after which decide whether or not or not the sponsor not solely requires coaching, however, stands to revenue from its buy. If you happen to do your homework, you will not get burned. Certified computer forensics professionals are confident to stay in excessive demand for the future. You'll want to choose one!