The Ethical Hacker Network - Which computer forensic cert is the most valuable?

YuckTheFankees

Sr. Member

Offline

Posts: 276

Which computer forensic cert is the most valuable?

« on: December 11, 2011, 06:15:52 PM »

There are only a few certs that I know about CHFI, GCFA, and EnCE. From your experience or knowledge, can you tell me which one you would prefer and why?

Thanks


	Logged

Let's go Red Wings!

xXxKrisxXx

Sr. Member

Offline

Posts: 491

Re: Which computer forensic cert is the most valuable?

« Reply #1 on: December 12, 2011, 12:06:54 PM »

I saw the thread wasn't getting too much attention. I figure I'll add on my opinion. I threw each certification onto Dice 1 at a time and noticed EnCE had the most results for open jobs. I'm not a forensics guy on my end, but it looks like be either EnCE or GCFA are top listed. They all look well known in the forensics industry but I would prefer to hold the GCFA due to the GIAC certifications looking really nice on a resume. A job I noticed that was listed for it that wasn't listed for the CHFI and EnCE roles were Malware Reverse Engineer - that sounds pretty wicked. Wink


	Logged

OSCP, OWSP, eCPPT

pseud0

Recruiters
Full Member

Offline

Posts: 204

Re: Which computer forensic cert is the most valuable?

« Reply #2 on: December 12, 2011, 12:59:49 PM »

Think about it in regards to what the certs actually mean. The GCFA and others like it are meant to show that you're very familiar with the process of forensics and generally familiar with a variety of tools. The EnCE and others like it are meant to show that you're very familiar with one tool and generally familiar with the overall process of forensics.

If you're focusing on traditional forensics and face a lot of time on the witness stand, a tool based cert (eg. EnCE) will go far since the opposing lawyers will spend a lot of effort trying to find weaknesses in the various tools and processes you use as well as your experience with each. If you have a cert in a well known, vetted product like EnCase and you follow your checklists to the letter it is hard to get yourself in trouble and hard for them to portray you as being unskilled/unfamiliar with your tools.

If you're focusing on non-traditional forensics (more incident response focused and less litigation focused) then the general certs will probably go farther as they suggest that your skillset is broad versus deep. (familiar with a lot of tools and platforms rather than being an expert witness in one specific tool) You can also specialize with additional certs like the GREM for malware, network forensics, etc. Please note that I'm implying that much of this is about appearances. I know folks that are skilled in both areas, but many people will eventually choose to favor one path over the other.


	Logged

CISSP, CISM, CISA, GCIH, CEH, HMFIC, KTHXBIROFLCOPTER

YuckTheFankees

Sr. Member

Offline

Posts: 276

Re: Which computer forensic cert is the most valuable?

« Reply #3 on: December 13, 2011, 10:08:41 AM »

As of right now I would prefer a job with less litigation but I really don't know enough right now to choose. I think my course of study is to read about 3-5 forensic books..I started http://www.amazon.com/Computer-Forensics-JumpStart-Michael-Solomon/dp/0470931663/ref=sr_1_11?ie=UTF8&qid=1323789441&sr=8-11 and I should be done with it later tonight or tomorrow..

the next book will be http://www.amazon.com/System-Forensic-Analysis-Brian-Carrier/dp/0321268172/ref=pd_sim_b_2

3.http://www.amazon.com/Windows-Forensic-Analysis-Toolkit-Second/dp/1597494224/ref=pd_sim_b_1

4.http://www.amazon.com/Digital-Forensics-Open-Source-Tools/dp/1597495867/ref=pd_sim_b_4

I'm trying to read 75-100 pages a day but I'll probably start taking notes after the 1st book..so the number of pages will probably go down.

After those 4 books, I should have a good understanding of CF..so I'll start studying for the CHFI...then move to GCFA (if the money situation works out)...if I'm not burnt out by that point..EnCE


	Logged

Let's go Red Wings!

Joshsevo

Sr. Member

Offline

Posts: 263

Re: Which computer forensic cert is the most valuable?

« Reply #4 on: December 13, 2011, 05:23:23 PM »

This book was refered to me by a Sr Computer Forensics Analyst years ago and then a few months later in school this was the one we used as the book for the class. Very good book

http://www.amazon.com/Digital-Evidence-Computer-Crime-Third/dp/0123742684/ref=sr_1_6?ie=UTF8&qid=1323818518&sr=8-6

Think about picking it up.


	Logged

CHFI, C|EH, Security+, CPT

don

Editor-In-Chief
Administrator
Hero Member

Offline

Posts: 3917

Editor-In-Chief

Re: Which computer forensic cert is the most valuable?

« Reply #5 on: December 15, 2011, 08:43:07 AM »

CCE was always highly regarded as it includes a practical portion of the exam. Not sure how many certs they give out a year or how well they've been doing lately, but thought I'd throw it into the mix:

http://www.isfce.com/certification.htm

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

Pages: [1] Go Up

« previous next »