Target audience
CCFP addresses more experienced cyber forensics professionals who already have the proficiency and perspective to effectively apply their cyber forensics expertise to a variety of challenges. In fact, many new CCFP professionals likely hold one or more other digital forensics certifications.
Given the varied applications of cyber forensics, CCFP professionals can come from an array of corporate, legal, law enforcement, and government occupations, including:
- Digital forensic examiners in law enforcement to support criminal investigations
- Cybercrime and cybersecurity professionals working in the public or private sectors
- Computer forensic engineers & managers working in corporate information security
- Digital forensic and e-discovery consultants focused on litigation support
- Cyber intelligence analysts working for defense/intelligence agencies
- Computer forensic consultants working for management or specialty consulting firms.
Resources
Official (ISC)² Guide to the CCFP CBK Textbook
Official (ISC)² training seminar
Objectives
- Analyze the nature of evidence, chain of custody, rules of procedure, and the role of expert witness as they pertain to the legal and ethical principles, concepts, methodologies, and their implementation within centralized and decentralized environments across an organization's computing environment
- Demonstrate an understanding of investigations as they relate to data communications in local area and wide area networks, remote access, and Internet/intranet/extranet configurations
- Analyze fundamental principles, forensic methods, forensic analysis and examination planning, and evaluate report writing and presentations as they relate to forensic science, applying a broad spectrum of science and technologies to investigate and establish facts in relation to criminal or civil law
- Analyze media and file systems, computer and operating systems, network, mobile devices, embedded devices, multimedia and content, virtual system forensics and the techniques and tools used in the collection of any digital evidence that can be defined as data stored or transmitted via electronic means
- Apply software forensics to file formats and metadata; analyze web, email, and messaging forensics; and understand database forensics and malware forensics
- Describe the developing technologies and the practice of applying comprehensive and rigorous methods for collecting evidence within the hybrid and emerging technologies of cloud forensics, social networks, the big data paradigm, control systems, critical infrastructure, and online gaming and virtual/augmented reality
Prerequisites
Don't yet have the necessary experience? If you're working on building your experience right now, you may earn the Associate of (ISC)² designation by passing the required CCFP examination.
The evolving field of cyber forensics requires professionals who understand far more than just hard drive or intrusion analysis. The field requires CCFP professionals who demonstrate competence across a globally recognized common body of knowledge that includes established forensics disciplines as well as newer challenges, such as mobile forensics, cloud forensics, anti-forensics, and more.
The CCFP credential indicates expertise in forensics techniques and procedures, standards of practice, and legal and ethical principles to assure accurate, complete, and reliable digital evidence admissible in a court of law. It also indicates the ability to apply forensics to other information security disciplines, such as e-discovery, malware analysis, or incident response. In other words, the CCFP is an objective measure of excellence valued by courts and employers alike.
The CCFP CBK consists of the following 6 domains:
Legal and Ethical Principles – Addresses ethical behavior and compliance with regulatory frameworks
- Nature of Evidence
- Chain of Custody
- Rules of Procedure
- Role of Expert Witness
- Codes of Ethics
Investigations – Encompasses the investigative measures and techniques required to gather digital evidence
- Investigative Process
- Evidence Management
- Criminal Investigations
- Civil Investigations
- Administrative Investigations
- Response to Security Incidents
- e-Discovery
- Intellectual Property
Forensic Science – Entails applying a broad spectrum of sciences and technologies to investigate and establish facts in relation to criminal or civil law
- Fundamental Principles
- Forensic Methods
- Forensic Planning and Analysis
- Report Writing and Presentation
- QA, Control, Management
- Evidence Analysis Correlation
Digital Forensics – Refers to the collection of any digital evidence which can be defined as data stored or transmitted via electronic means
- Media and File System Forensics
- Operating Systems Forensics
- Network Forensics
- Mobile Devices
- Multimedia and Content
- Virtual System Forensics
- Forensic Techniques and Tools
- Anti-Forensic Technology and Tools
Application Forensics – Addresses the forensic complexities of the many application types that a CCFP candidate may encounter during a forensic investigation
- Software Forensics
- Web, Email, and Messaging
- Database Forensics
- Malware Forensics
Hybrid and Emerging Technologies – Contains the ever-evolving technologies that the CCFP candidate is expected to have a sound understanding of
- Cloud Forensics
- Social Networks
- Big Data Paradigm
- Control Systems
- Critical Infrastructure
- Virtual/Augmented Reality