eCDFP Certification

Certified Digital Forensics Professional

eCDFP is an advanced digital forensics exam meant for senior-level Cybersecurity professionals. A successful certification allows digital forensics investigators to prove their technical digital forensics expertise.

The Exam
INE Security’s eCDFP evaluates your ability to use a variety of forensic techniques, inside a fully featured and real-world environment. This certification exam covers Preservation of Evidence, Fundamentals of Digital Forensics, Storage Device Fundamentals, and Digital Forensics Tools & Techniques. 

This exam is designed to be the next milestone Blue Team certification for Cybersecurity professionals, simulating the skills utilized during a real-world engagement. This exam truly shows that the candidate has what it takes to be part of a high-performing forensic investigation team.

Exam Objectives
The eCDFP assesses and certifies an individual’s skills in Preservation of Evidence (20%), Fundamentals of Digital Forensics (33%), Storage Device Fundamentals (20%), and Digital Forensics Tools & Techniques (27%). The following objectives are tested for mastery: 

  • Understanding the methodology of collection
  • Execute the steps of collection plan based on best practices
  • Preserve and maintain the integrity of evidence
  • Analyze digital forensics artifacts on Windows operating systems
  • Identify evidence of execution on Windows operating systems
  • Understand the basic structure of a digital forensic report
  • Demonstrate how to analyze physical device characteristics
  • Demonstrate how to analyze logical storage characteristics
  • Demonstrate appropriate usage of digital forensic analysis tools and techniques 
  • Demonstrate appropriate usage of network analysis tools and techniques
  • Demonstrate appropriate usage of log and timeline tools and techniques

Who It’s For
The eCDFP is a certification for individuals with a highly technical understanding of networks, systems, and cyber attacks. Anyone can attempt the certification exam; however, it’s recommended to be competent in skills taught in the Digital Forensics Professional Learning Path. It is designed for:

  • Computer Forensic Analyst
  • Digital Forensic Examiner
  • Forensic Technician
  • Managed Service Providers (MSPs)
  • Manage Security Service Providers (MSSPs)

Get eCDFP Certified

New to INE and INE Security?

The INE Premium subscription offers the Digital Forensics Professional Learning Path, built for senior-level Cybersecurity professionals. It prepares you to take the eCDFP exam through a blend of expert-led courses and practical lab time. When you’ve completed the learning path, you’re ready for the exam!

OR

Already an INE Premium subscriber?

We encourage everyone to complete the Digital Forensics Professional Learning Path, part of the INE Premium subscription, before attempting the certification exam. Buy your voucher now and get started.

To complete the eCDFP Certification, follow these steps:

Purchase an exam voucher to start the certification process. Login to the certification area to manage the exam and any other materials related to the certification process.

Regular vouchers expire after 180 days from purchase. Before the certification voucher expires (180 days from purchase), complete the initial exam attempt and if desired, the complimentary re-take that is provided with the voucher’s purchase. Both attempts must be submitted before the certification voucher expires. The expiration date will always be available in the certification area, and reminder emails are sent to ensure the voucher is taken advantage of.

Once you click on the “Begin certification process” button, you will receive an email with instructions regarding the scope of the engagement. This letter will contain everything you need to know to take your exam.

To be awarded the certification, you need to score a 76.7% or above. Once you submit your exam, it will be automatically graded, and you will receive  your results immediately. Should you fail the first attempt, you will then have one free attempt to re-take the certification.