icon-carat-right menu search cmu-wordmark

CERT Certificate in Digital Forensics

In today's networked world, it is essential for system and network administrators to understand the fundamental areas and the major issues in computer forensics. Knowledgeable first responders apply good forensic practices to routine administrative procedures and alert verification, and know how routine actions can adversely affect the forensic value of data. This awareness will greatly enhance system and network administrators' effectiveness when responding to security alerts and other routine matters.

The CERT Certificate in Digital Forensics is designed to familiarize experienced system and network computer professionals with the essential elements of digital forensics and build on their existing technical skill set. Completion of this Professional Certificate will prepare administrators to approach both routine and unusual events in a systematic forensic manner.

The CERT Certificate in Digital Forensics is a Professional Certificate program that includes two (2) eLearning courses. Upon registering for this CERT Certificate, you will receive access to both the Introduction to Computer Forensics course and Advanced Digital Forensics course:

Introduction to Computer Forensics

Computer forensics is the convergence of computer science and law that governs the collection and analysis of data about computer systems and network connections. This course teaches about the tasks, processes, and technologies to identify, collect and preserve, and analyze data so that it can be used in a judiciary setting. This eLearning course contains one (1) hour and 40 minutes of video instruction that may be studied incrementally.

Advanced Digital Forensics

The Advanced Digital Forensics focuses on the entire investigative process, from the very beginning through the conclusion and determination of 'who did it.' This course focuses on building your skills to improve your ability to piece together the various components of the digital investigation. Optional course exercises provide opportunities for you to apply the knowledge you'll learn by responding to a realistic scenario from the awareness of a suspected incident to the conclusion. This eLearning course contains five (5) hours of video instruction. Five (5) optional exercises are provided as VM and application files for download.

Audience

Professionals involved in the collection, storage, and analysis of computer systems and network data, including

  • Digital Forensics
  • Systems Security Analysis
  • Incident Response Team

Objectives

At the completion of this Professional Certificate program, learners will be able to:

  • Understand both the importance and the processes necessary to handle data so as to ensure its admissibility in a court of law.
  • Develop an investigative process for the digital forensic investigation
  • Understand methods of focusing investigations through analysis of multiple evidence sources
  • Effectively prepare for incident response of both victim and suspect systems, including understanding the importance of network reconnaissance and network traffic analysis
  • Identify sources of evidentiary value in various evidence sources including network logs, network traffic, volatile data and through disk forensics
  • Identify common areas of malicious software activity and characteristics of various types of malicious software files
  • Confidently perform live response in intrusion investigation scenarios

Topics

Introduction to Computer Forensics

  • Computer Forensics Process
  • Computer Forensics Following the Process
    • On-Site Encryption, Memory, Verification
    • Analysis
    • Report Findings
    • Data Preservation
  • Computer Forensics Laws

Advanced Digital Forensics

  • Acquisition
  • Windows Live Response and Evidence Collection
  • Network Log and Traffic Analysis
  • Memory Analysis
  • Volatility
  • Forensic Analysis of Hard Disk Artifacts
  • The Suspect

Materials

Once registered, learners will be granted 24-hour-a-day access to the course material for 12 months.

Learners can proceed through the course at their convenience and can review and repeat individual sections as often as needed.

Each course provides video-recorded training sessions that were presented by SEI CERT instructors to a classroom of students representing a variety of industries. Instructor demonstrations included with the course explore and reinforce the concepts taught and how they can be successfully applied.

Introduction to Computer Forensics

  • 5 video training sessions with transcripts

Advanced Digital Forensics

  • 5 video training sessions with transcripts
  • 5 active online exercises

A copy of course slides is available to download.

Prerequisites

Some familiarity with digital investigations and digital forensics is recommended.

To access the SEI Learning Portal, your computer must have the following:

  • For optimum viewing, we recommend using the following browsers: Microsoft Edge, Mozilla Firefox, Google Chrome, Safari
  • These browsers are supported on the following operating systems: Microsoft Windows 8 (or higher), OSX (Last two major releases), Most Linux Distributions
  • Mobile Operating Systems: iOS 9, Android 6.0
  • Microsoft Edge, Firefox, Chrome and Safari follow a continuous release policy that makes difficult to fix a minimum version. For this reason, following the market recommendation we will support the last 2 major version of each of these browsers. Please note that as of January 2018, we do not support Safari on Windows.

 

IMPORTANT NOTICE:

Carnegie Mellon University/Software Engineering Institute offices will be closed for winter break, December 21, 2024-January 1, 2025. SEI course registrations received during this period will be confirmed and enrollment completed upon our return on January 2, 2025.

Course Questions?

Email: course-info@sei.cmu.edu
Phone: 412-268-7388

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.