CCFP Domains

The CCFP examination domains and weights are:

Domains

Weight

1. Legal and Ethical Principles

12%

2. Investigations

20%

3. Forensic Science

20%

4. Digital Forensics

28%

5. Application Forensics

12%

6. Hybrid and Emerging Technologies

8%

Total

100%


Legal and Ethical Principles – Addresses ethical behavior and compliance with regulatory frameworks   

  • Nature of Evidence
  • Chain of Custody
  • Rules of Procedure
  • Role of Expert Witness
  • Codes of Ethics

Investigations – Encompasses the investigative measures and techniques required to gather digital evidence

  • Investigative Process
  • Evidence Management
  • Criminal Investigations
  • Civil Investigations
  • Administrative Investigations
  • Response to Security Incidents
  • e-Discovery
  • Intellectual Property

Forensic Science – Entails applying a broad spectrum of sciences and technologies to investigate and establish facts in relation to criminal or civil law

  • Fundamental Principles
  • Forensic Methods
  • Forensic Planning and Analysis
  • Report Writing and Presentation
  • QA, Control, Management
  • Evidence Analysis Correlation

Digital Forensics – Refers to the collection of any digital evidence which can be defined as data stored or transmitted via electronic means

  • Media and File System Forensics
  • Operating Systems Forensics
  • Network Forensics
  • Mobile Devices
  • Multimedia and Content
  • Virtual System Forensics
  • Forensic Techniques and Tools
  • Anti-Forensic Technology and Tools

Application Forensics – addresses the forensics complexities of the many application types that a CCFP candidate may encounter during a forensic investigation

  • Software Forensics
  • Web, Email, and Messaging
  • Database Forensics
  • Malware Forensics

Hybrid and Emerging Technologies – Contains the ever evolving technologies that the CCFP candidate is expected to have a sound understanding of

  • Cloud Forensics
  • Social Networks
  • Big Data Paradigm
  • Control Systems
  • Critical Infrastructure
  • Virtual/Augmented Reality

The CCFP candidate must have a 4-year college degree leading to a baccalaureate, or regional equivalent, plus 3 years of cumulative paid, full-time digital forensics or IT security experience in 3 out of the 6 domains of the credential.

Those candidates who do not hold a 4-year college degree leading to a baccalaureate, or regional equivalent, must have 6 years of cumulative paid, full-time digital forensics or IT security experience in 3 out of the 6 domains of the credential. Candidates without the required degree may receive a 1-year professional experience waiver for holding an alternate forensics certification on the (ISC)²-approved list.

Download the Exam Outline for more information.


Logo CCFP
 
Advance your it security career

 orange line

White Paper

An Introduction to Digital
Forensics in Law Enforcement

Download Now  

orange line