Why should you attend?
Lead Computer Forensics Examiner training enables you to acquire the necessary expertise to perform Computer Forensics processes in order to obtain complete and reliable digital evidence. During this training course, you will also gain a thorough understanding of Computer Forensics fundamentals, based on the best practices used to perform forensics evidence recovery and analytical techniques. This training course is focused on core skills required to collect and analyze data from Windows, Mac OS X, and Linux operating systems, and also from mobile devices.
After mastering all the necessary concepts of Computer Forensics processes, you can sit for the exam and apply for a “PECB Certified Lead Computer Forensics Examiner” credential. By holding a PECB Lead Computer Forensics Examiner Certificate, you will be able to prove that you have the expertise to lead advanced forensic investigations and conduct forensics analysis, reporting, and evidence acquisition.
Who should attend?
- Computer Forensics specialists
- Computer Forensics consultants
- Cybersecurity professionals
- Cyber intelligence analysts
- Electronic data analysts
- Specialists in computer evidence recovery
- Professionals working or interested in law enforcement
- Professionals seeking to advance their knowledge in Computer Forensics analysis
- Information Security team members
- Information technology expert advisors
- Individuals responsible for examining media to extract and disclose data
- IT Specialists
- Understand the roles and responsibilities of the Lead Computer Forensics examiner during digital forensic investigation
- Understand the purpose of electronic media examination and its correlation with common standards and methodologies
- Comprehend the correct sequence of steps of a computer incident investigation and digital forensic operation
- Understand the common commercial and open source tools that may be used during incident investigation and digital forensic operations
- Acquire the necessary competencies to plan and execute a computer forensics operation and also implement and maintain a safety network to protect evidence
- This training is based on both theory and best practices used in Computer Forensics
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role playing and discussions
- Practice tests are similar to the Certification Exam
Knowledge on Computer Forensics.
Day 1: Introduction to Incident Response and Computer Forensics concepts
Day 2: Prepare and lead a Computer Forensics investigation
Day 3: Analysis and management of digital artifacts
Day 4: Case Presentation & Trial Simulation
Day 5: Certification Exam
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about Computer Forensics certifications and the PECB certification process, please refer to the Certification Rules and Policies.
The requirements for PECB Computer Forensics Examiner Certifications are:
|Credential||Exam||Professional experience||CLFEMS project experience||Other requirements|
|PECB Certified Provisional Forensics Examiner||PECB Certified Lead Forensics Examiner Exam or equivalent||None||None||Signing the PECB Code of Ethics|
|PECB Certified Forensics Examiner||PECB Certified Lead Forensics Examiner Exam or equivalent||Two years: One year of field experience in computer forensics||Forensics activities totaling 200 hours||Signing the PECB code of ethics|
|PECB Certified Lead Forensics Examiner||PECB Certified Lead Forensics Examiner Exam or equivalent||Five years: Two years of field experience in computer forensics||Forensics activities totaling 300 hours||Signing the PECB code of ethics|
To be considered valid, these computer forensics activities should follow best implementation practices and include the following:
- Conducting forensic investigation
- Post incident response activities
- Network management
- Computer forensics examination and analysis planning
- Analysis of file systems and digital media
- Forensics analysis of operating systems and networks
- Forensics analysis of computer and mobile devices
- Gathering digital evidence
After successfully completing the exam, you can apply for the credential shown on the table below. For more information about Computer Forensics certifications and the PECB certification process, please refer to the Certification Rules and Policies.
The requirements for this certification are:
|Credential||Exam||Professional experience||MS audit/assessment experience||CLFEMS project experience||Other requirements|
|PECB Certified Forensics Examiner Foundation||Computer Forensics Foundation exam or equivalent||None||None||None||Signing the PECB Code of Ethics|
- Certification fees are included on the exam price
- Training material containing over 450 pages of information and practical examples will be distributed
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
What is Computer Forensics?
Computer Forensics, also known as Cyber Forensics refers to the analysis of information in the computer systems, with the objective of finding any digital evidence that can be used for legal proceedings, but also to discover the cause of an incident. Computer forensics is the process of extracting data and information from computer systems to function as digital evidence for civic purposes, or in most cases to prove and legally impeach cybercrime.
The purpose of computer forensics is to provide forensic practices, legal processes, and ethical principles to assure reliable and detailed digital evidence that can be used for the courtroom needs. The objective of computer forensics is to guarantee a well-structured investigation and a follow-up of processes in order to resolve incidents and malfunctions in an organization.
Why is Computer Forensics important to you?
A forensics process is applied after the cyber attack or incident has occurred in order to collect and analyze the data to determine what happened, how did it happen and why did it happen? Computer forensics can be used as a tool to exploit backdoors that should be patched. A computer forensics investigation is a proficient mechanism that allows organizations’ to rationalize their time and immense financial impacts.
An internationally recognized computer forensic professional will be able to provide a detailed investigation of computer systems and assist the law enforcement authorities. Computer forensics’ provide you with the advantage of learning and practicing the latest comprehensive security methodologies of network systems, encryption technology, file operating systems, and criminal science.
Benefits of Computer Forensics
- By becoming Certified Computer Forensics Professional you will be able to:
- Understand the role of computer forensics in the business world.
- Support an organization to prevent incident occurrence
- Learn the prime forensic skills that can be applied in different situations.
- Improve your forensic techniques and tools to identify and respond to cybercrimes.
- Become an internationally recognized digital forensic professional