Highest Demand Computer Forensics Certifications Guide

Digital Forensic Certifications - Career, Requirements and Salary

Are you interested in pursuing a certification in computer forensics? If you enjoy working with hardware, software, and databases and are interested in identifying and responding to cyber security breaches and network hacks, a career in computer forensics may be a good fit for you. While those in this field are often confused for cyber security professionals, the positions are actually quite different. Cyber security professionals focus on preventing cyber-attacks; digital forensics professionals take action after a breach has occurred. Their primary responsibilities include identifying the hack type, understanding the source, and recovering as much of the compromised data as possible. This process is complicated and requires a number of technical skills to complete efficiently. For this reason, many computer forensic professionals seek extensive training and certification.

Why Get Advanced Training in Computer Forensics?

Most professionals opt to pursue advanced training in computer forensics because they want to be eligible for a wider range of employment opportunities. On-the-job experience is extremely beneficial and can help individuals reach career advancement goals for a time, but certifications are often required to remain competitive for higher-level positions. This is especially true for well-known and respected credentials that clearly demonstrate a passion for and dedication to computer forensics.

Earning one or more computer forensics certifications also proves mastership over certain subfields, which can result in better marketability. Those with certain credentials are often more respected and highly regarded as knowledgeable within the field. In many cases, certifications help to appropriately categorize a professional’s skills so he or she can qualify for specialized positions without taking extra time to prove proficiency on the job.

Ultimately, seeking further training and certification can lead to more employment opportunities, faster career advancement, and higher wages.

Overview of What to Expect on the Exam

While all are within the same general field, each computer forensics examination will be different depending on the specific certification you are seeking.

Some of the most common areas covered include:

  • Analysis of intelligence
  • Cyber-threat intelligence application and fundamentals
  • Encryption and encoding
  • Intelligence applications
  • Intrusion analysis
  • Malware analysis
  • Malware as a collection source
  • Network analysis tools and usage
  • Network architecture and protocols
  • Open source intelligence
  • Windows assembly code concepts
  • Windows forensics and data triage
  • Web browser forensics

One similarity all certification exams have in common is the need for extensive preparation. Most certifying bodies offer in-depth training programs for a fee. Consider your options carefully and make sure you are fully prepared to pass your chosen examination before registering.

Types of Certifications to Consider

There are numerous computer forensics certifications available, but some are better known than others. Because of the increasing demand for credentialed professionals, more and more companies are offering digital training and certificates. A quick search online will reveal a wide array of options. It is recommended, however, that you research each sponsoring organization thoroughly before registering. You may also want to speak with other practicing digital forensic professionals who are certified, as they can offer guidance specific to your career goals.

Global Information Assurance Certification

The following are just some of the computer forensics certifications available:

  • Certified Computer Examiner (CCE)

    CCE certification is offered by the International Society of Forensic Computer Examiners (ISFCE). This is a very popular credential that many companies and government agencies now require their professionals to maintain.

    Prerequisites: Candidates must complete at least one of the following training and/or experience requirements.

    • Complete training at ISFCE Authorized Training Center or other training of equal level approved by the Certification Board
    • Have a minimum of 18 months of verifiable professional experience
    • Conduct a self-study in the field that is deemed appropriate by the Certification Board

    Exam: Candidates must complete a four-part testing process, consisting of one Online Written Exam and three Practical Examination portions.

    Cost: $485 for the initial CCE process / $150 for CCE recertification every two years

  • Certified Forensic Computer Examiner (CFCE)

    CFCE certification is offered by the International Association of Computer Investigative Specialists (IACIS). The certification program is based on a series of computer and digital forensics core competencies.

    Prerequisites: Candidates must successfully complete 72 hours of training that is comparable to the IACIS CFCE core competencies. The two-week IACIS Basic Computer Forensics Examiner training fulfills this requirement; other comparable training must be approved by IACIS.

    Exam: Candidates must complete a two-stage process, including Peer Review and Certification Testing. The Peer Review stage consists of four practical problems; the Certification Testing phase consists of one Hard Drive practical problem and a Knowledge-Based Objective test.

    Cost: $750

  • GIAC Certified Forensic Examiner (GCFE)

    GCFE certification is offered by the Global Information Assurance Certification (GIAC). The certification validates a professional’s knowledge of computer forensic analysis, with an emphasis on core skills required to collect and analyze data from Windows computer systems.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 115 questions over a three-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 72% is required.

    Cost: $1,999

  • GIAC Certified Forensic Analyst (GCFA)

    GCFA certification is offered by the Global Information Assurance Certification (GIAC). This certification shows that candidates have the knowledge, skills, and ability to appropriately conduct formal incident investigations and handle advanced incident scenarios.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 115 questions over a three-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 71% is required.

    Cost: $1,999

  • GIAC Reverse Engineering Malware (GREM)

    GREM certification is offered by the Global Information Assurance Certification (GIAC). This certification validates a technologist’s knowledge and skills to reverse-engineer malicious software that targets common platforms.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 75 questions over a two-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 70.7% is required.

    Cost: $1,999

  • GIAC Network Forensic Analyst (GNFA)

    GNFA certification is offered by the Global Information Assurance Certification (GIAC). This certification validates a professional’s ability to perform examinations employing network forensic artifact analysis.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 50 questions over a two-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 70% is required.

    Cost: $1,999

  • GIAC Advanced Smartphone Forensics (GASF)

    GASF certification is offered by the Global Information Assurance Certification (GIAC). This certification proves that a professional has the knowledge and skills necessary to access data carried on mobile devices for forensic examinations.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 75 questions over a two-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 69% is required.

    Cost: $1,999

  • GIAC Cyber Threat Intelligence (GCTI)

    GCTI certification is offered by the Global Information Assurance Certification (GIAC). This certification validates that a professional has fully-developed analysis skills that can help him or her think critically and amplify technical knowledge.

    Prerequisites: None

    Exam: Candidates must complete one proctored exam consisting of 75 questions over a two-hour time period. GIAC exams are open book format and test-takers are permitted to bring an armful of hardcopy books and notes into the exam room. A minimum passing score of 71% is required.

    Cost: $1,999

  • EnCase Certified Engineer (EnCE)

    EnCE certification is focused on the use of OpenText. The certification program certifies public and private sector professionals have mastered computer investigation methodology and the use of this EnCase software during computer examinations.

    Prerequisites: Candidates must successfully complete 64 hours of authorized computer forensic training or have 12 months of professional work experience in computer forensics.

    Exam: Candidates must complete two phases of the examination consisting of a written exam and a practical exam. The written portion is taken with ExamBuilder and a minimum passing score of 80% is required. The practical exam consists of 18 questions and a minimum passing score of 85% is required.

    Cost: $200 / $300 for international candidates

  • AccessData Certified Examiner (ACE)

    ACE certification is offered by AccessData. This certification demonstrates a professional’s proficiency with Forensic Toolkit technology.

    Prerequisites: There are no prerequisites, but candidates will benefit from taking the FTK BootCamp and FTK Intermediate Courses. Test-takers must also have a fully licensed copy of FTK to take the exam.

    Exam: The number of test questions, time limit, scoring information, and testing functionality will be provided after registering for the exam.

    Cost: Free

  • Computer Hacking Forensic Investigator (CHFI)

    CHFI certification is offered by the EC-Council. This certification program verifies a professional’s ability to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.

    Prerequisites: Candidates must be at least 18 years old.

    Exam: Candidates must complete 150 test questions over a four-hour time period. Because multiple test forms are used, minimum passing scores can range from 60% to 85%.

    Cost: $650

Benefits

Becoming certified offers a wide array of potential career benefits. You will likely find yourself eligible for a wider range of employment, which can make finding work easier. Credentials also demonstrate that you are invested in and dedicated to the field as a whole, which can influence employer hiring decisions. In most cases, certifications help professionals advance faster in their career and earn higher salaries.

Additionally, depending upon which certifying organization you choose, you may gain access to many membership benefits.

These vary significantly, but often include access to:

  • Private Listservs
  • Professional Liability Insurance
  • A Wider Professional Network
  • Professional Journals
  • Research Articles
  • Development Projects
  • Newsletters

Career Path Options

Earning certification in computer forensics also opens up a variety of career paths.

After obtaining a professional credential, you may be qualified to apply for any of the following positions:

  • Computer Forensics Investigator
  • Computer Forensics Technician
  • Information Technology Manager
  • Defense/Military Personnel
  • Law Enforcement Officer
  • Federal Agent
  • Information Security Analyst
  • Information Systems Security Analysis
  • Forensic Computer Analyst
  • Security Consultant
  • Threat Hunter
  • Auditor
  • Security Consultant
  • System and Network Administrator
Leaders in Cyber Security Education: Find Your Career Today

Get started today on your path to advance your career!