Computer forensics certifications

Hands-on experience is essential to any kind of forensics proficiency and knowledge. Whether you get that experience at work or in your own time elsewhere, you really can't pursue such credentials without spending lots of time learning and doing packet traces, analyses and forensic reconstructions of event sequences, attack signatures and so forth.

That said, you can pursue any number of programs in this area that will get you credentials in this subject matter, though it may sometimes be stated in terms of protocol analysis rather than forensics, per se. But the two topics are practically inseparable, so don't let this dissuade you from following any of the paths I'm about to recommend:

1.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

EnCase Certified Examiner
Requires six months of experience or 32 hours of classroom training in Guidance software's EnCase forensic analysis products (widely used by law enforce- ment and IT security professionals).

2. Pine Mountain Group Certified NetAnalyst program
Various levels of certification that include coverage of forensic tools and techniques throughout. No experience requirements jump out at me, but PMG really wants you to attend all four weeks (or more) of their training classes to get certified.

3. Sniffer Certified Professional program
Sniffer technologies wants you to have Sniffer and take their training, too.

4. WildPackets NAX or Network Analysis Certification
Same as above, except WildPackets prefers (but does not require) that you use Etherpeek and wants you to go to WildPackets Academy for training.

That's about all the directly relevant stuff I know of, but for a broader survey of the subject matter, visit www.informit.com and search on "tittel protocol analysis" to read an article I wrote for them that goes into more detail on this subject.

For more information on this topic, visit these other SearchSecurity.com resources:
News & Analysis: Veteran sleuth on the cutting edge of cybercrime investigation
Featured Topic: Computer forensics


This was first published in January 2003

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Back to top