CCFP : Certified Cyber Forensics Professional
  • Overview
  • Course Outline
  • What is included
  • Schedule
  • Testimonials
  • View Comments

This certification training provides a comprehensive review of cyber forensic concepts and industry best practices, covering the 6 domains of the CCFP CBK:

  • Legal and Ethical Principles
  • Investigations
  • Forensic Science
  • Digital Forensics
  • Application Forensics
  • Hybrid and Emerging Technologies

The course is a combination of instructor lecture, hands-on lab exercises, instructor demonstrations and practicum exam with after-exam review.

This training course will help candidates review and refresh their cyber forensic knowledge and help identify areas they need to study for the CCFP exam and features:

  • Official (ISC)² courseware
  • Taught by an authorized (ISC)² instructor
  • Student handbook and laboratory handbook
  • Collaboration with classmates
  • Real-world learning activities and scenarios
  • Live, hands-on labs

The course is intended for intermediate to advanced cyber forensics professionals who have at least three years of recent full-time digital or IT security experience in cyber forensics. The CCFP CBK defines the work experience as pertaining to cyber/digital forensics, legal investigation, or application forensics. It builds on and brings together the holistic view of the cyber forensics topics covered in the everyday environment of corporate, legal, law enforcement, and government occupations. Forensics experience is highly recommended for the successful completion of the course.

Examples of work experience may include:

  • Digital forensic examiners in law enforcement supporting criminal investigations
  • Cybercrime and cybersecurity professionals working in the public or private sectors
  • Computer forensic engineers and managers working in corporate information security
  • Digital forensic and e-discovery consultants focused on litigation support
  • Cyber intelligence analysts working for defense/intelligence agencies
  • Computer forensic consultants working for management or specialty consulting firms 
Exams Covered
Course Prerequisite

After completing this workshop, participants will be able to: 

  • Analyze the nature of evidence, chain of custody, rules of procedure, and the role of expert witness as they pertain to the legal and ethical principles, concepts, methodologies, and their implementation within centralized and decentralized environments across an organization's computing environment
  • Demonstrate an understanding of investigations as they relate to data communications in local area and wide area networks, remote access, and Internet/intranet/extranet configurations
  • Analyze fundamental principles, forensic methods, forensic analysis and examination planning, and evaluate report writing and presentations as they relate to forensic science, applying a broad spectrum of science and technologies to investigate and establish facts in relation to criminal or civil law
  • Analyze media and file systems, computer and operating systems, network, mobile devices, embedded devices, multimedia and content, virtual system forensics and the techniques and tools used in the collection of any digital evidence that can be defined as data or transmitted via electronic means
  • Apply software forensics to file formats and metadata; analyze web, email, and messaging forensics; and understand database forensics and malware forensics
  • Describe the developing technologies and the practice of applying comprehensive and rigorous methods for collecting evidence within the hybrid and emerging technologies of cloud forensics, social networks, the big data paradigm, controls systems, critical infrastructure, and online gaming and virtual/augmented reality

Domain 1: Legal and Ethical Principles 

  • Nature of Evidence
  • Chain of Custody
  • Rules of Procedure
  • Role of Expert Witness
  • Codes of Ethics

Domain 2: Investigations 

  • Investigative Process
  • Evidence Management
  • Criminal Investigations
  • Civil Investigations
  • Administrative Investigations
  • Response to Security Incidents
  • e-Discovery
  • Intellectual Property

Domain 3: Forensic Science 

  • Fundamental Principles
  • Forensic Methods
  • Forensic Planning and Analysis
  • Report Writing and Presentation
  • QA, Control, Management
  • Evidence Analysis Correlation

Domain 4: Digital Forensics 

  • Media and File System Forensics
  • Operating Systems Forensics
  • Network Forensics
  • Mobile Devices
  • Multimedia and Content
  • Virtual System Forensics
  • Forensic Techniques and Tools
  • Anti-Forensic Technology and Tools

Domain 5: Application Forensics 

  • Software Forensics
  • Web, Email, and Messaging
  • Database Forensics
  • Malware Forensics

Domain 6: Hybrid and Emerging Technologies

  • Cloud Forensics
  • Social Networks
  • Big Data Paradigm
  • Control Systems
  • Critical Infrastructure
  • Virtual/Augmented Reality