Monday, June 8, 2009

Which Computer Forensic Certification Is Right for Me?

There are a number of computer forensics certifications that one could choose to challenge, including the EnCase Certified Examiner (EnCE), AccessData Certified Examiner (ACE), Certified Computer Examiner (CCE), GIAC Certified Forensics Analyst (GCFA) and Certified Computer Forensic Examiner (CFCE), to name a few.

How then, does one choose the appropriate certification to pursue? While all of the certifications listed above are valuable, I would recommend pursuing one that includes a practical examination and one in which you can use the tools with which you are most familiar. As an example, it is going to be difficult for you to pass the ACE if the only forensic utility that you've used is EnCase Enterprise.

If you are trying to obtain a certification in order to break into the computer forensics field, I'd recommend searching the job boards for computer forensics positions to see which utilities they most often list as required skills. About.com provides a good overview of most of the computer forensics certifications, so I'm not going to go into the nitty-gritty of each certification. If you are interested in reviewing their coverage, go to www.about.com and search for "computer forensic certifications."

Call me biased, but I am personally a fan of the EnCE certification. EnCase is a standard of the industry and found in most, if not all, computer forensics shops. So having the EnCE certification demonstrates to employers that you have mastered the tools that they use in their forensic labs.

In addition, passing the EnCE practical was a major confidence booster for me and I have used many of the techniques that I learned as a result of the EnCE practical during my "real" analysis.

In summary, in order to determine the proper computer forensics certification I would look at the following:

1. Certifications that require a practical. 
2. Certifications that demonstrate mastery of an industry-standard tool or utility. 
3. Certifications that you see in job listings. 
4. Certifications that allow or require you to use a forensics utility with which you already have experience.

The EnCase Certified Examiner (EnCE) examination is a two-part examination that consists of a written portion and a practical. The practical is difficult, but it tests the basic computer forensic skills that an examiner must have. The Forensic Secrets eBook is a concise guide to passing the EnCE practical. It is by no means a brain dump of the examination but rather a compilation of the techniques that are necessary to pass the practical portion of the exam.

Additionally, the Forensic Secrets eBook is an ideal "just the facts" reference for all computer forensic examiners to have as part of their library. The eBook can be found at http://www.encesecrets.com

John Golinvaux
john@encesecrets.com
http://www.encesecrets.com
