CCFP – Certified Cyber Forensics Professional Training

Learn tools and techniques to perform a forensics cyber investigation in this official (ISC)2course.

In this course, you will learn the latest tools and techniques in a live, hands-on laboratory environment to conduct a simulated cyber investigation. The lab exercises include computer forensics using commercial tools, network forensics and Internet forensics. Such areas as email, applications, forensic timelines, social media and mobile devices will be addressed in addition to the traditional computer forensics examinations.

CCFP demonstrates your ability to gather, analyze, and deliver digital evidence that is accurate, complete, and reliable. The certification covers a range of skills necessary to support these environments from intrusion analysis to incident response, and newer challenges, such as mobile forensics and cloud forensics.

Outside of the laboratory exercises, you will address legal and ethical considerations, the foundations of digital forensic science within the context of the forensic sciences, and emerging and hybrid technologies as they impact the digital forensic investigator. The course is a combination of instructor lecture, hands-on lab exercises, instructor demonstrations and practicum exam with after-exam review.

This course is your one source for certification preparation that includes:

  • Official (ISC)2 Guide to the CCFP Common Body of Knowledge® (CBK) (electronic format)
  • Official (ISC)2 CCFP Training Handbook
  • Official (ISC)2 CCFP Flash Cards
  • CCFP Certification Exam Voucher


CCFP – Certified Cyber Forensics Professional


Employees of federal, state and local governments; and businesses working with the government.

What You’ll Learn

In-depth coverage of the six domains required to pass the CCFP exam:

  1. Legal and Ethical Principles
  2. Investigations
  3. Forensic Science
  4. Digital Forensics
  5. Application Forensics
  6. Hybrid and Emerging Technologies

Who Needs to Attend

  • Digital forensic examiners in law enforcement supporting criminal investigations
  • Cybercrime and cybersecurity professionals working in the public or private sectors
  • Computer forensic engineers and managers working in corporate information security
  • Digital forensic and e-discovery consultants focused on litigation support
  • Cyber intelligence analysts working for defense/intelligence agencies
  • Computer forensic consultants working for management or specialty consulting firms


Intermediate to advanced cyber forensics professionals who have at least three years of recent full-time digital or IT security experience in cyber forensics. The CCFP CBK defines the work experience as pertaining to cyber/digital forensics, legal investigation, or application forensics.

Course Outline

1. Legal and Ethical Principles

  • Nature and Characteristics of Evidence
  • Chain of Custody
  • Rules of Procedure
  • Code of Ethics

2. Investigations

  • Investigative Process
  • Evidence Management
  • Crime Scene Investigation Protocol
  • Hybrid Crime Investigation
  • Criminal Investigations
  • Civil Investigations
  • Administrative Investigations
  • Forensics Responsibility to Security Incidents
  • Electronic Discovery
  • Intellectual Property (IP) Investigation

3. Forensic Science

  • Introduction to the Scientific Method
  • Fundamental Principles
  • Forensic Analysis and Examination Planning
  • Report Writing and Presentation
  • Quality Assurance, Control, Management and Accreditation Procedures

4. Digital Forensics

  • Digital Forensics Tools
  • Media and File System Forensics
  • Demonstration: Introduction to FTK
  • Anti-Forensic Tools and Techniques
  • Demonstration: Exploring the Evidence
  • Lab – The Evidence: Basher’s Second Computer
  • Virtual System Forensics
  • Embedded Device Forensics
  • Mobile Device Forensics
  • Demonstration/Discussion: Cellebrite
  • A Few Forensic Tools and Techniques
  • Demonstration – Network Forensics

5. Application Forensics

  • Software Forensics
  • Web, Email, and Messaging Forensics
  • Demonstration – Web Forensics
  • Demonstration – Email Forensics
  • Database Forensics
  • Demonstration – Database Forensics
  • Lab – Creating and FTK Report
  • Malware Forensics
  • Demonstration – Malware Forensics

6. Hybrid and Emerging Technologies

  • Cloud Forensics
  • Social Networks
  • The Big Data Paradigm
  • Control Systems
  • Critical Infrastructure
  • Online Gaming and Virtual/Augmented Reality


Hands-on labs are integrated into this course.