A few years back, I earned the CCFP Computer Forensics certification from ISC2. ISC2 (isc2.org) is a highly reputable certification organization, but they decided to pull back from the forensics certification as a business decision. They have since expired the CCFP certification.
The CCFP was a recognized certification and, at the time, covered the essential aspects of Computer Forensics. The intent of the certification was noted on the ISC2 website: “The CCFP exam covers a number of domains including legal and ethical principles, investigations, forensic science, digital forensics, and hybrid and emerging technologies. The examination, which costs $549, is a multiple-choice test with scenario-based questions.” Here’s the info link, but it looks like the content has since been removed: https://www.isc2.org/Certifications/CCFP
Like several others who have held the CCFP, I’m now in search of another viable industry-related certification that is respected, recognized, and (importantly, based on my experience) won’t vaporize in the next few years. From my active work in the industry, the SANS Institute has several highly-regarded cyber security and digital forensics certifications. Also, in reviewing a recent article entitled “Best Digital Forensics Certifications,” the author indicates that the SANS Institute GCFA (GIAC Certified Forensics Analyst) Certification, as an intermediate certification, has the bulk of active certifications. The link to the GCFA cert is here: https://www.giac.org/certification/certified-forensic-analyst-gcfa
In review of the website, the intention of the cert is stated as: “The GCFA certifies that candidates have the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, including internal and external data breach intrusions, advanced persistent threats, anti-forensic techniques used by attackers, and complex digital forensic cases.”
Also, what I found quite interesting is that SANS notes the following comment on their website: “*No Specific training is required for any GIAC certification. There are many sources of information available regarding the certification objectives’ knowledge areas. Practical experience is an option; there are also numerous books on the market covering Computer Information Security. Another option is any relevant courses from training providers, including SANS.*” Quite frankly, this comment gives me a sigh of relief, in terms of the cost factor. As a Cyber Security Consultant, much of my training is primarily self-funded. This comment provides me with the re-assurance that I can do the studying from a lower cost perspective.
While SANS Institute training is highly regarded, it’s quite expensive. The benefit is that the SANS training is quite targeted to getting a learner through the subject area content and, most importantly, through the test successfully. Plus, the training is done in a short duration (typically in a week+). But, I cannot immediately afford the price tag, so I’ll opt for the longer path of self-study for this certification.
In a review of training resources for the GIAC Certification, here are a few links.
1. For starters, here’s the link to the GIAC Certified Forensic Analyst (GCFA) website that contains the essential objectives. This should be reviewed before starting the hunt for additional certification materials beyond this post: https://www.giac.org/certification/certified-forensic-analyst-gcfa
2. Udemy has plenty of certification courses that are developed by individuals who are (mostly) professionals in the field. Udemy is a wonderful place for inexpensive training. Quite frankly, some training at Udemy is top-notched while other training is sub-par. So, with Udemy, keep in mind the motto “Let the buyer beware.” Here’s a link to a Udemy course (as only an example of a link) for the GCFA exam overview. Please preview this course on your own, as I am not endorsing this course or any other courses on Udemy. Link: https://www.udemy.com/certified-forensics-analyst-gcfa/
3. YouTube is a repository of some good and some really really bad content. I’ve poked around and here’s an example of training (certainly unendorsed) as an example: https://www.youtube.com/watch?v=4sAMTjU1dlk
Aside from gathering video and audio content, I’ll select one or two print (or pdf) texts to support my review. The cost of text-book type of materials can be reduced by using sites like Scribd (link: http://www.scribd.com). But, again, with sites like Scribd, some content is excellent and some is sub-par.
Later on, if I surrender to the temptation of quick training (and a quick cert), which comes at a premium (time = money$), here are two viable options (of many):
1. InfoSec Institute Training for GCFA: https://www.infosecinstitute.com/courses/gcfa-certification-training-boot-camp/
2. SANS Institute – the prime source: https://www.sans.org/ondemand/courses/forensics
In summary, the acquisition for security-related certifications as an essential element to getting access into this field as an employee, contractor, or as a side-gig is essential to build up your industry reputation. Certification along with a solid academic record with supporting degrees can forward your progress in the cyber security and digital forensics field. Doing both at a reduced cost is a challenge, but it can be done.
Article Published here:
About the Author
Dr. Ron McFarland, CISSP, PMP is a Cyber Security Analyst at CMTC. He is a post-doctoral scholar for the University of Maryland University College. He received his doctorate from Nova Southeastern University’s School of Engineering and Computer Science and a post-doc graduate certificate in Cyber Security Technologies from the University of Maryland University College. He also holds multiple security certifications including the prestigious Certified Information Systems Security Professional (CISSP) certification and several Cisco certifications. He is a guest blogger at Wrinkled Brain Net (http://www.wrinkledbrain.net), a blog dedicated to Cyber Security and Computer Forensics. Dr. McFarland can be reached at his UMUC email: firstname.lastname@example.org