When a person obtains the Global Information Assurance Certification Forensic Examiner (GCFE) ensure that all candidates who successfully pass the exam have the knowledge, skills, and abilities required to acquire and examine evidence from digital systems to find and recover known essential artifacts to prove or disprove a fact in order to produce a formal report or presentation that could be used internally or in civil/criminal litigation.
GIAC Certified forensic analysts (GCFAs) are front line investigators during computer intrusion breaches across the enterprise. They can help identify and secure compromised systems even if the adversary uses anti-forensic techniques. Using advanced techniques such as file system timeline analysis, registry analysis, and memory inspection, GCFAs are adept at finding unknown malware, rootkits, and data that the intruders thought had eliminated from the system.
The GIAC Reverse Engineering Malware (GREM) certification is designed for technologists who protect the organization from malicious code. GREM-certified technologists possess the knowledge and skills to reverse-engineer malicious software (malware) that targets common platforms, such as Microsoft Windows and web browsers. These individuals know how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.
The GNFA certification is for professionals who want to demonstrate that they qualified to perform examinations employing network forensic artifact analysis. Candidates are required to demonstrate an understanding of the fundamentals of network forensics, normal and abnormal conditions for common network protocols, the process and tools used to examine device and system logs, wireless communication and encrypted protocols.
The popularity of mobile devices in our work and personal lives has become increasingly broad and complex. The volume and type of data that these devices carry such as contact lists, email, work documents, SMS messages, images, internet browsing history and application specific data make them important for the individual who carries the device and allows for a rich source of data for forensic examinations.