- CYBER FORENSICS ASSOCIATE EXAM OBJECTIVES
Analysis
1 Analysis
1.1 Analyze forensic images
1.2 Apply procedural concepts required to use forensic tools
1.3 Apply basic malware analysis using NIST accepted forensic techniques and tools
1.4 Identify anti-forensics techniques
1.5 Determine the important content of event logs in forensics
Discovery
2.1 Apply procedural concepts necessary to detect a hidden message inside a picture
2.2 Analyze a conversation between two endpoints from a PCAP file
2.3 Recognize that devices are kept in the same state as they were found
2.4 Determine how to gather evidence in a forensically sound manner
2.5 Apply procedural concepts required to discover evidence on different file systems
2.6 Apply procedural concepts required to gather evidence on different operating systems
2.7 Identify proper steps in network capture
2.8 Given a scenario, determine evidence of email crime
Evidence
3.1 Determine and report logon/logoff times for a specific user
3.2 Verify the authenticity of evidence (e.g., hash value)
3.3 Summarize the proper handling of evidence
3.4 Outline the process for creating a forensically sound image
3.5 Apply evidence collection to the chain of custody
3.6 Discriminate between a live acquisition and static acquisition
Documentation and Reporting
4.1 Apply forensic investigation methodology
4.2 Identify the steps necessary to validate an emergency contact list for incident response
4.3 Analyze a scene to determine what should be visually documented
4.4 Report findings from a malware analysis
4.5 Identify the elements of a complete forensics report
4.6 Communicate the results of an investigation to an internal team
Cyber Forensics Fundamentals
5.1 Identify different types of cybercrimes
5.2 Communicate incident handling and the response process
5.3 Distinguish between steganography and cryptography
What is included in the course fees?
This Course Fee excludes your exam voucher. Unfortunately, the Certiport Assessment Centres do not allow tuition providers to pay for learners and request that a learner does so themselves. Due to the fluctuation of the exam costs (Rand-US Dollar exchange), we are unable to indicate accurate exam costs, so you will need to contact your closest Certiport Centre to determine this exam cost. You can locate one closest to you here: www.certiport.com/Locator#.
Please, be aware that all course materials are only offered online. In other words, you will not be receiving any hard copies of the textbook, and you will need to access all the required content through your online classroom, where you’ll be able to find the following course content:
- A digital textbook (PDF) focused on all the content you’ll need to pass the exam successfully
- Videos and Learning material to ensure you are coveredto understand practical concepts
- Learning objectives and skills covered in each lesson
- A glossary of key terms for each lesson
- A summary of what you will learn, as well as the important points on which to focus
- Practice files OR quizzes to accompany the step-by-step exercises in your textbook
- A PDF summary of everything you’ve covered in the textbook
- A study guide and exercise files to help you with your exam prep
- A set of mock exams to be covered before undertaking global exams.
Exam Dates
You can start studying whenever you want – there are no specific course starting dates.
All of our assessments are computer-based and, therefore, done online. You are required to book an exam appointment via our Campus Assessment Centre at least 2 weeks prior to your exam date to prepare for your assessme
Accreditation
Status: Accredited course
Type & reward: EC-Council Cyber Forensics Associate Certificate
Provided by: EC-Council Minimum credits: N/A
G-CITI Campus is a registered provider of Adobe training programmes. Adobe is an industry leader in technological development and sets the de facto standard worldwide. They offer internationally recognised information technology certifications which provide valuable knowledge needed to begin or expand a career in information technology and development. They continuously update and develop their study programmes to keep up with technological advances, and they ensure that the exams are relevant to the IT industry.