Certified Computer Forensics Examiner (CCFE) Learning Path
14 hours, 39 minutes
Quick facts
About this learning path
-
courses
100% online
-
Duration
14 hours, 39 minutes
-
Assessment
questions
About Certified Computer Forensics Examiner (CCFE)
Master the art of computer forensics and earn your Certified Computer Forensics Examiner (CCFE) certification. This learning path contains 13 courses, each meticulously matched to the core objectives of the CCFE exam, as well as a series of hands-on labs so you can build real-world forensics skills. Once you’ve completed the path, you’ll be ready to get your CCFE certification and showcase your newly acquired knowledge in conducting computer forensics investigations.
Who is this learning path for?
- Digital Forensics Analyst: Break into computer forensics and acquire the foundational knowledge and skills to perform forensics investigations.
- Current IT professionals: Expand your skill set and specialize in computer forensics, from SOC Analysts to Penetration Testers.
- Information Risk Analysts and compliance officers: Acquire skills to help with IT audits, compliance and regulatory matters involving electronic evidence.
- Law enforcement officers: Gain a technical understanding of computer forensics to enhance investigations.
- Legal professionals: Understand the technical aspects of computer forensics to aid cybercrime cases.
- Anyone aiming to gain a strong, comprehensive understanding of computer forensics: Prove your skills with a recognized computer forensics certification.
By the end of this learning path, you will:
Have a foundation of computer forensics skills related to the nine domains covered in the CCFE exam:
- Law, ethics and legal issues
- The investigation process
- Computer forensic tools
- Hard disk evidence recovery and integrity
- Digital device recovery and integrity
- File system forensics
- Evidence analysis and correlation
- Evidence recovery of Windows-based systems
- Network and volatile memory forensics
- Report writing
In addition, you’ll reinforce what you learned in our Computer Forensics Cyber Range, where you’ll get hands-on experience using Volatility, running Linux commands, recovering data, practicing file carving and more.
Syllabus
CCFE Skill Assessment
Assessment - 50 questions
CCFE Practice Exam
Assessment - 50 questions
Custom CCFE Practice Exam
Assessment - 50 questions
Computer Forensics as a Profession
Course - 00:27:00
At the bottom of it, forensics is the job of proving or disproving a theory in a reproducible manner. Take a closer look at the nitty-gritty of computer forensics as a profession with this three-video course, covering duties of the forensic analyst, teams, roles, division of labor, tools, procedure and practical advice from a long-time forensic analyst. Do laws supersede corporate policy? Why shouldn’t you admit to using hacker tools in court? Find out here.
Digital Evidence and Legal Issues
Course - 01:52:00
“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated … “ Eleven videos take the student on a deep dive into the potential legal issues surrounding computer forensics. Take a closer look at search warrants, civil and criminal claims, chain of custody, the difference between forensics and e-discovery, ethics, application of the Fourth and Fifth Amendments to forensics, the potential difficulties that come with acting as an expert witness and more. Includes numerous example cases.
Computer Forensics Investigations
Course - 02:22:00
“They wasted three days before they even thought to ask me: Am I pretending to be their printer?” And they should have asked, because yes, he was. Fourteen videos take you through the intense process of computer forensics investigations, including the hiding places and secret ways in (like printers) that investigators and criminals might make use of. Beginning with basic procedures, you will examine the nuances of intellectual property investigations, e-discovery, the pros and cons of live analysis and historical analysis, useful tools, potential sources of trouble, search methodology, disk write protection, bit image copies and even writing reports. Includes tools, demonstrations, case studies and a checklist for the ideal forensic machine build.
Aspects of Hard Drives
Course - 00:44:00
Get technical with this four-video course on aspects of hard drives in a forensic context. Hard drive physical and logical components, sectors, the Master Boot Record, the challenges of live forensics and future considerations in the field of computer forensics are combined with an overview of settings, tools and examples.
File Systems
Course - 00:45:00
Four videos look at the challenges, details and structure of file systems. Beginning with the basics such as the difference between undeleting and data carving, this course explores a broad variety of essential topics such as MS-DOS file storage and deletion, NTFS (New Technology File System), attribute headers, VCN (virtual cluster number) and LCN (logical cluster number), inodes, drive slack and more. Includes diagrams and possible tools for use by the forensic investigator.
Email and Browser Forensics
Course - 02:01:00
They say you can tell a lot about someone by the company they keep — or the emails they write. Eleven videos take an in-depth look at the art of email and browser forensics, from the advantages (or disadvantages) of incognito browsing to types of browsers, flavors of cookie, lesser-known data records, tools and more. Explore the secrets hidden in email headers and examine how the OWASP Top 10 vulnerabilities can be put to work for forensic investigators.
Network Forensics Concepts
Course - 00:50:00
A network is simply defined as a group of computers connected together … But there’s far more to it than that. This five-video course takes you through the knowledge, tools and techniques needed to conduct the complex business of network forensics. Includes close looks at packet structure, common ports, IP address and Media Access Control (MAC) address spoofing, connection types, example cases related to innovative tools and even the potential dangers associated with certain avenues of approach.
Data Hiding
Course - 00:40:00
Four videos take you through the complexities and challenges of data hiding. From cryptographic hashes to rainbow tables, steganography, log tampering and more, this course reviews various ways of both hiding data and detecting hidden data, including tips, tools and examples.
Memory Forensics
Course - 00:19:00
Memory forensics is the analysis of volatile data stored in a system’s memory, and the key word here is “volatile.” This course looks at the complexities of memory forensics, beginning with a close examination of two valuable tools (Volatility and VirusTotal) and proceeding to live analysis, the dangers of memory forensics, examples of memory, definitions of terms such as stack and live capture, basic processes and further tools, vocabulary and examples. Prepare yourself for a challenge!
Passwords and Encryption
Course - 00:50:00
How do you break a suspect’s password? You can use sophisticated tools and cutting-edge techniques … or you can simply ask the suspect. A veteran instructor with extensive real-world knowledge teaches our five-video course on passwords and encryption in a forensic context, giving you the real nitty-gritty on everything from hashes and protected password storage to common password hiding locations (always check the desk drawers), Windows’ Encrypting File System, recovery tools, SAM (System Account Manager), the four primary hashing methods for Windows passwords and much more. Learn when to break a password, when to steal the answer and when to simply work around it.
New and Emerging Technologies
Course - 01:05:00
Rapidly-evolving technologies inevitably transform through crime. Now six modules take a closer look at the challenges of new and emerging technologies in a forensic context: virtualization, social networks and gaming. Beginning with virtualization, this course takes you through what you can expect to face when trying to forensically examine cloud data or a virtual machine, the dangers of malware applications adapting to virtual machine environments, big data (“Those that control the algorithm, control the information”), gathering evidence from social media, crime and criminals on interactive games like Second Life and more. Includes tools, examples and terminology.
Introduction to Mobile Forensics
Course - 00:44:00
Mobile phone technology is one of the most rapidly evolving areas in tech today, and that makes investigating it a challenge. Our four-video course takes a closer look at mobile forensics, including tools, examples and notable issues the investigator is likely to encounter: dead-box versus live forensics, volatile and nonvolatile memory, Subscriber Identity Module (SIM) cards, the mobile device seizure process, details of individual mobile OSes, information retrieval methods and more.
File and Operating System Forensics
Course - 01:25:00
“When dealing with operating system forensics — realistically, it comes down to what operating system you’re trying to get access to.” Eight videos give the student an inside look at file and operating system forensics, courtesy of an experienced and professional instructor. Examine the parts of an operating system and explore string searches, deleted files, fragmentation, the limitations of text searches, viewing and recovering graphic files, file carving, compression, malware, tools, vocabulary and more. Includes example uses and demonstration of the Autopsy tool.
The details
Learning path insights
How to claim CPEs
Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- All-Source Analyst
- Mission Assessment Specialist
- Exploitation Analyst
No software. No set up. Unlimited access.
Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Learn about scholarships and financing with
