Sam Security Certifications
Sam Security Certifications
Sam Security Certifications
FORENSIC/ANTI-HACKING - Basic
FORENSIC/ANTI-HACKING - Intermediate
CCE -- Certified Computer Examiner
The CCE, offered by the Southeast Cybercrime Institute at Kennesaw State
University in partnership with Key Computer Service, seeks to identify
individuals with no criminal record who have appropriate computer forensics
training or experience, including evidence gathering, handling and storage. In
addition, candidates must pass an online examination and successfully perform a
hands-on examination on three test media.
Source: Key Computer Service
CEH -- Certified Ethical Hacker
The CEH identifies security professionals capable of finding and detecting
weaknesses and vulnerabilities in computer systems and networks by using the
same tools and applying the same knowledge as a malicious hacker. Candidates
must pass a single exam and prove knowledge of tools used both by hackers and
security professionals.
Source: EC-Council
CFCE -- Computer Forensic Computer Examiner
The International Association of Computer Investigative Specialists (IACIS)
offers this credential to law enforcement and private industry personnel alike.
Candidates must have broad knowledge, training or experience in computer
forensics, including forensic procedures and standards, as well as ethical, legal
and privacy issues. Certification includes both hands-on performance-based
testing as well as a written exam.
Source: International Association of Computer Investigative Specialists
CHFI -- Computer Hacking Forensic Investigator
The CHFI is geared toward personnel in law enforcement, defense, military,
information technology, law, banking and insurance, among others. To obtain
CHFI certification, a candidate needs to successfully complete one exam.
Source: EC-Council
CIFI -- Certified Information Forensics Investigator
Obtaining the credential of Certified Information Forensics Investigator requires
adherence to a code of ethics, successful completion of a rigorous exam and
fulfillment of specific experience requirements. Aimed at full-time professional
practitioners, this certification is vendor-neutral and devoid of sponsored training
requirements or the use or purchase of specific products.
Source: International Information Systems Forensics Association
CPTP -- Certified Penetration Testing Professional
An offering from Iowa-based training company, Mile2, this credential seeks to
identify individuals who've developed the skills necessary to conduct thorough,
painstaking penetration tests for their employers, or for customers who hire them
to conduct such testing independently. The credential is structured around a five-
day, $2,600 course, and followed up with a Prometric exam.
Source: Mile2
CSFA -- CyberSecurity Forensic Analyst
The CSFA aims to identify individuals who are interested in information
technology security issues, especially at the hardware level. Prerequisites include
at least one certification in computer and software support, networking or security
(such as CompTIA's A+, Microsoft's MCSA or MCSE, or Cisco's CCNA),
successful completion of an introductory and an advanced computer forensics
course offered through the CyberSecurity Institute and no criminal record.
Source: CyberSecurity Institute
FCSS -- Field Certified Security Specialist
This certification permits individuals to specialize in Cisco, Check Point or cross-
platform topics (which is why we list it in both the vendor-specific -- although the
parent organization points out that these certs are "vendor-independent" -- and
vendor-neutral surveys). Candidates must pass a hands-on, performance-based
test to obtain FCSS certification.
Source: Field Certified Professional Association
GIAC -- Global Information Assurance Certification Program
This cert program seeks to identify individuals who can demonstrate knowledge
of and the ability to manage and protect important information systems and
networks. The SANS organization is well known for its timely, focused, and
useful security information and certification program. A shining star on this
landscape, the GIAC program aims at serious, full-time security professionals
responsible for designing, implementing and maintaining a state-of-the-art
security infrastructure that may include incident handling and emergency response
team management. The program includes one mid-level forensics certification --
GIAC Certified Forensic Analyst (GCFA).
Source: Global Information Assurance Certification
C3C -- Certified Cyber-Crime Expert
The C3C identifies computer forensics investigators, information technology and
security personnel, law enforcement officials, lawyers and others, who must have
the knowledge and tools to effectively collect, handle, process and preserve
computer forensic evidence. The certification requires successful completion of
the Computer Forensic and Cyber Investigation course, and a practical and written
exam.
Source: E-business Process Solutions
CCCI -- Certified Computer Crime Investigator (Advanced)
The CCCI is one of two computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the investigative
side of the field. Basic requirements include two years of experience (or a college
degree, plus one year of experience), 18 months of investigative experience, 40
hours of computer crimes training and documented experience from at least 10
investigated cases. Advanced requirements bump experience to three years (or a
college degree, plus two years of experience), four years of investigations, 80
hours of training and involvement as a lead investigator in 20 cases, with
involvement in over 60 cases overall.
Source: High Tech Crime Network certifications
CCFT -- Certified Computer Forensic Technician (Advanced)
The CCFT is one of two computer forensic certifications aimed at law
enforcement and private IT professionals seeking to specialize in the investigative
side of the field. Basic requirements include three years of experience (or a
college degree, plus one year of experience), 18 months of forensics experience,
40 hours of computer forensics training and documented experience from at least
10 investigated cases. Advanced requirements include three years of experience
(or a college degree, plus two years of experience), four years of investigations,
80 hours of training and involvement as a lead investigator in 20 cases with
involvement in over 60 cases overall.
Source: High Tech Crime Network certifications
CERI-ACFE -- Advanced Computer Forensic Examination
The CERI-ACFE seeks to identify law enforcement officials with advanced
computer crime investigation experience and training. Requirements include two
years of computer investigation/debugging, four years of Microsoft platform
analysis, two years of non-Microsoft platform analysis, 80 hours of approved
training, a written exam and successful completion of hands-on exercises.
Source: Cyber Enforcement Resources Inc.
CERI-ACSS -- Advanced Computer System Security
The CERI-ACSS seeks to identify law enforcement officials with advanced
computer crime investigation experience and training. Requirements include two
years of computer investigation/debugging, three years of Microsoft platform
analysis, one year of non-Microsoft platform analysis, 40 hours of approved
training, a written exam and successful completion of hands-on exercises.
Source: Cyber Enforcement Resources Inc.
CPTS -- Certified Penetration Testing Specialist
An offering from Iowa-based training company, Mile 2, this credential stresses
currency on the latest exploits, vulnerabilities, and system penetration techniques.
It also focuses on business skills, identification of protection opportunities, testing
justifications, and optimization of security controls to meet business needs and
control risks and exposures. The credential is structured around a five-day, $2,600
course that's backed up by a Prometric exam.
Source: Mile2
PCI -- Professional Certified Investigator
This is a high-level certification from the American Society for Industrial Security
(ASIS is also home to the CPP and PSP certifications) for those who specialize in
investigating potential cybercrimes. Thus, in addition to technical skills, this
certification concentrates on testing individuals' knowledge of legal and
evidentiary matters required to present investigations in a court of law, including
case management, evidence collection and case presentation. This cert requires
five years of investigation experience, with at least two years in case management
(a bachelor's degree or higher counts for up to two years of such experience) and a
clean legal record for candidates.
Source: ASIS International
FORENSIC/ANTI-HACKING - Advanced
Brainbench HIPAA (Security)
The Brainbench HIPAA (Security) cert deals with topics and requirements that
drive the Health Insurance Portability and Accountability Act (HIPAA) of 1996,
to help IT professionals understand and implement related information handling
and processing requirements.
Source: Brainbench
CCSA -- Certification in Control Self-Assessment
The CCSA demonstrates knowledge of internal control self-assessment
procedures, primarily aimed at financial and records controls. This cert is of
primary interest to those professionals who must evaluate IT infrastructures for
possible threats to financial integrity, legal requirements for confidentiality and
regulatory requirements for privacy.
Source: Institute of Internal Auditors
CFE -- Certified Fraud Examiner
The CFE demonstrates ability to detect financial fraud and other white-collar
crimes. This cert is of primary interest to full-time security professionals in law,
law enforcement or those who work in organization with legal mandates to audit
for possible fraudulent or illegal transactions and activities (such as banking,
securities trading or classified operations).
Source: Association of Certified Fraud Examiners
CIA -- Certified Internal Auditor
The CIA cert demonstrates knowledge of professional financial auditing practices.
The cert is of primary interest to financial professionals responsible for auditing
IT practices and procedures, as well as standard accounting practices and
procedures to insure the integrity and correctness of financial records, transaction
logs and other records relevant to commercial activities.
Source: Institute of Internal Auditors
CISA -- Certified Information Systems Auditor
The CISA demonstrates knowledge of IS auditing for control and security
purposes. This cert is of primary interest to IT security professionals responsible
for auditing IT systems, practices and procedures to make sure organizational
security policies meet governmental and regulatory requirements, conform to best
security practices and principles, and meet or exceed requirements stated in an
organization's security policy.
Source: Information Systems Audit and Control Association
GIAC -- Global Information Assurance Certification Program
This cert program seeks to identify individuals who can demonstrate knowledge
of and the ability to manage and protect important information systems and
networks. The SANS organization is well known for its timely, focused, and
useful security information and certification program. A shining star on this
landscape, the GIAC program aims at serious, full-time security professionals
responsible for designing, implementing and maintaining a state-of-the-art
security infrastructure that may include incident handling and emergency response
team management. Available certificates, which indicate successful completion of
a relatively short but highly focused course, include the following:
o GIAC HIPAA Security Certificate (GHSC)
o GIAC Solaris Gold Standard Certificate (GGSC-0200)
o GIAC E-Warefare Certificate (GEWF)
o GIAC Ethics in IT (GEIT)
o GIAC Cutting Edge Hacking Techniques Certificate (GHTQ)
o GIAC Reverse Engineering Malware (GREM)
o GIAC Security Awareness (GSAW)
o GIAC Cyber Warrior Certificate (GCWY)
o GIAC Business Law and Computer Security (GBLC)
o GIAC Legal Issues in Information Technologies (GLIT)
o GIAC Contracting for Data Security (GCDS)
o GIAC Law of Fraud (GLFR)
o GIAC Windows 2000 Gold Standard Certificate (GGSC-0100)
o GIAC Auditing Cisco Routers Gold Standard Certificate (GGCS-0400)
Source: Global Information Assurance Certification