.

Which forensics certification is best? And other questions

Which (civilian) forensics certification is the best?

CCE
0
No votes
CHFI
2
40%
EnCE
3
60%
ACE
0
No votes
Other (Please specify in reply)
0
No votes
 
Total votes : 5
<<

harky

Newbie
Newbie

Posts: 10

Joined: Wed Dec 19, 2007 4:42 pm

Location: Germantown Hills, IL (seeking relocation to Chicago area)

Post Thu Apr 03, 2008 1:10 pm

Which forensics certification is best? And other questions

Hello All and Thank You for your time,

First an introduction:
--------------------
I am a Master's student in Computer Engineering and Information Assurance at Iowa State University.  I just completed two Bachelor's degrees in Computer Engineering and Computer Science.  Throughout my 7 years of college I have been involved in computer and network security through both work and student organizations.

As part of my graduate assistantship, I have been assisting in a law-enforcement computer forensics lab and assisting with computer forensics investigations.  I have decided that this is the career that I want to pursue. 

I am planning on graduating in December of this year and would like to work in (or within a couple hours of) the Chicago area.  I would be interested in either the law-enforcement or civilian path.
--------------------

Now, the questions:

1) Would obtaining a certification now be particularly helpful in my career search? (As mentioned above, i do have some experience and plan to continue my current work through December.)

2) What are the differences between the certifications? (For example, does CHFI focus more on network intrusion/attack/etc. investigations than the CCE?)

3) Which certification exams can be taken without attending a formal training/boot camp?

4)Which certification would people recommend for my situation/goals?

5) DOES ANYBODY KNOW OF ANY POSSIBLE FUNDING/ASSISTANCE WHICH CAN BE USED TOWARDS TRAINING/CERTIFICATIONS?

6) Any recommendations for networking/career searching to locate careers in the field?


Here are some ideas I have currently.  Your comments are encouraged and welcome.  After 7 years of school (without parental financial support) I really do not have money laying around and being able to avoid additional debt would be ideal. (Thus why question 6, above, could be a huge help).

1) Additional self study and then apply to take the CCE exam.

2) Take a small loan and attend ChicagoCon 2008 for networking opportunities. (Does anyone know if they use interns? I know some other conferences allow students to act as interns (assist with check-in, setup activities, etc.) and attend the conference events for free. If so, who would I contact?)

3) Take a large loan (student loan if possible) and attend ChicagoCon 2008 and take the training for CHFI.  (Does anybody know if there are any prerequisite training/experience/certifications/etc. for this?)

4) Wait until I have an employer and obtain training and certification as they deem fit (and as they will fund).

5) Do both 1) and 2).


Well, if you read this far, I greatly appreciate your time.  Your comments, suggestions, etc. will be very appreciated.

Thank You for your time.
Last edited by harky on Thu Apr 03, 2008 1:21 pm, edited 1 time in total.
Daniel Harkness
MCSA, MCSE, CCE
MS - CprE and InfAs
BS - CprE
BS - ComS
<<

pseud0

User avatar

Recruiters
Recruiters

Posts: 210

Joined: Sat Nov 17, 2007 8:26 pm

Location: Detroit, Michigan

Post Thu Apr 03, 2008 1:55 pm

Re: Which forensics certification is best? And other questions

Just some quick input, but a lot of people who are "in the trenches" will tell you the EnCE is the most popular technical forensics cert at the moment.  There are a lot of reasons, but they generally come down to:
-EnCase is still the tool of choice for most large scale forensic shops
-It helps give you weight as an expert witness if you have to testify

The second one is more important than you might think. You can have a lot of formal education and more general forensic certs, but still get torn up on the stand when you start to get questions like "are you actually certified in the tools you used when preparing the case against my client?"  Please note that you need to have 12 months of forensics experience to get the cert if you do not want to take the authorized classes.  (64 hours last time I checked)
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
<<

harky

Newbie
Newbie

Posts: 10

Joined: Wed Dec 19, 2007 4:42 pm

Location: Germantown Hills, IL (seeking relocation to Chicago area)

Post Tue Apr 15, 2008 10:31 am

Re: Which forensics certification is best? And other questions

Hey all,
Thanks for the suggestion and for those of you who voted on the survey.  I definitely still welcome more comments, but figured I would pass on my decision (based off of posts in other forums, and discussions with some other computer forensics investigators).

I am going to be heading to ChicagoCon 2008s for the Conference Only portion on Saturday to take in the presentations and hopefully do some networking.  And then I am going to be working on some self-study and applying to take the CCE exam this summer.
Daniel Harkness
MCSA, MCSE, CCE
MS - CprE and InfAs
BS - CprE
BS - ComS
<<

Artful Dodger

Newbie
Newbie

Posts: 43

Joined: Tue Apr 29, 2008 8:58 am

Post Tue Apr 29, 2008 9:16 am

Re: Which forensics certification is best? And other questions

I think this is a good question.  And it really shows the immaturity of this feild.  It is great to be part of something so young in development.  As Psud0 stated, it may be important on the stand.  But then again I know several lawyers and kinda understand how they think...they will look for a weak spot regardless.  Meaning, If you are certified in Encase, they will bust your balls about other technologies or investigative procedures.  It also depends on what you are investigating.  If you are investigating network and internet issues you may get grilled on you knowledge (and proff of) of the netowrking and how you got your conclusions.  Most people here know the law and lawyers dont always play by reality:)

All in all the best idea is to get a 1 or 2 technical certs and 1 or 2 forensic ones.  Being well rounded has never hurt anyone.  As for the "best"...I think it all depends on situation.  hwos that for a long non-answer!
CISSP, C|HFI, Security+, Network+, XYZ...blah.

Return to Forensics

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software