Saturday, May 22, 2021

Materi Sertifikasi : Cyber Forensics Associate (CFA) Certification Exam Objectives

The Cyber Forensics Associate(C|FA) certification demonstrates an individual’s knowledge on how to detect hacking attacks and properly extract evidences to report the crime and conduct audits to prevent future attacks. Individuals who learn the principles of digital forensics can become invaluable members of incident handling and incident response teams. The purpose of the Cyber Forensics Associate credential is to validate the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.


A. Analysis

  1. Analyze forensic images 
  2. Apply procedural concepts required to use forensic tools
  3. Apply basic malware analysis using NIST accepted forensic techniques and tools
  4. Identify anti-forensics techniques
  5. Determine the important content of event logs in forensics

B. Discovery

  1. Apply procedural concepts necessary to detect a hidden message inside a picture
  2. Analyze a conversation between two endpoints from a PCAP file
  3. Recognize that devices are kept in the same state as they were found
  4. Determine how to gather evidence in a forensically sound manner
  5. Apply procedural concepts required to discover evidence on different file systems
  6. Apply procedural concepts required to gather evidence on different operating systems
  7. Identify proper steps in network capture
  8. Given a scenario, determine evidence of email crimes

C. Evidence

  1. Determine and report logon/logoff times for a specific user
  2. Verify the authenticity of evidence (e.g., hash value)
  3. Summarize the proper handling of evidence
  4. Outline the process for creating a forensically sound image
  5. Apply evidence collection to the chain of custody
  6. Discriminate between a live acquisition and static acquisition

D. Documentation and Reporting

  1. Apply forensic investigation methodology
  2. Identify the steps necessary to validate an emergency contact list for incident response
  3. Analyze a scene to determine what should be visually documented
  4. Report findings from a malware analysis
  5. Identify the elements of a complete forensics report
  6. Communicate the results of an investigation to an internal team 
E. Cyber Forensics Fundamentals

  1. Identify different types of cybercrimes
  2. Communicate incident handling and the response process
  3. Distinguish between steganography and cryptography

No comments:

Post a Comment