The Certified Digital Forensics Examiner (CDFE) course delivers a complete, modern approach to digital investigations. Students will learn the methodology and processes needed to properly seize, preserve, acquire, and analyze digital evidence across diverse environments.
From traditional computer systems to mobile devices and emerging IoT technologies, the course ensures examiners are prepared for today’s investigative challenges.
Designed for both hands-on practitioners and managers overseeing forensic operations, CDFE blends technical depth with legal and managerial perspective. Every step of the forensic process is aligned with international standards (ISO/IEC 27037, NIST 800-101) to ensure findings are defensible in court.
COURSE DETAILS:
Want to learn about new technologies like virtual networks and SD Networks found in many cloud architectures? We've got you covered, and then we move to physical components, TCP/IP Stack, OSI Model, switches, routers, wireless, and Bluetooth.
Lastly, we finish up the C)NP with the knowledge you need to perform the day to day operations of an organization, so you will be able to secure and maintain an entire network!
|
Key takeaways |
Upon completion you will be able to establish industry acceptable digital forensics standards with current best practices and policies.
By completing this course you will earn 40 CEUs.
|
Prerequisites |
Suggested Prerequisites:
|
Target audience |
Modules:
Labs:
DETAILED OUTLINE
Module 1 – Computer Forensics Incidents
Module 2 – Computer Forensic Investigative Theory
Module 3 – Computer Forensic Prerequisites and Standards
Module 4 – Computer Forensic Investigative Process
Module 5 – Forensic Examination/Evidence Protocols
Module 6 – Digital Acquisition and Analysis Tools
Module 7 – Disks and Storages
Module 8 – Live Acquisitions
Module 9 – Windows Forensics
Module 10 – Linux Forensics
Module 11 – MAC Forensics
Module 12 – Specialized Artifact Recovery
Module 13 – Advanced Search Strings and File Signatures
Module 14 – Mobile Forensics
Module 15 – eDiscovery
Module 16 – Computer Forensic Laboratory Protocols
Module 17 – Digital Evidence Presentation and Reporting
Objective:
Upon completion, Certified Digital Forensics Examiner students will be prepared to competently take the C)DFE exam.
The exam is taken online through Mile2’s Learning Management System and is accessible on your Mile2.com account. The exam will take approximately 2 hours and consist of 100 multiple choice questions.
A minimum grade of 70% is required for certification.
Your exam is included in the course fee!
All Mile2 certifications will be awarded a 3-year expiration date.
There are two requirements to maintain Mile2 certification:
For digitale etterforskere og teknikere, politi og forsvar, fagfolk innen cybersikkerhet og hendelseshåndtering, juridisk og etterlevelse (compliance), IT- og sikkerhetsledere, samt bedriftsetterforskere og svindelanalytikere
Anbefalt: ca. 1 års erfaring med IT, og/eller Mile2-kurs som C)SP eller Foundational Course Pack.
En komplett, moderne metodikk for innsamling, sikring, erverv og analyse av digitalt bevis – på Windows, Linux og macOS, samt mobil/IoT. Du dekker anskaffelses-teknikker (inkl. live/memory), verktøybruk (f.eks. Cellebrite, Magnet AXIOM, Oxygen, MSAB XRY, Paraben, GrayKey), kjedekontroll og beviskrav, og rapportering i tråd med standarder som ISO/IEC 27037 og NIST 800-101.
Fullført kurs forbereder deg til C)DFE-eksamen og gir 40 CEUs.
Leveres som klasseromskurs, live virtuelt eller bedriftsinternt/skreddersøm. Varighet: 5 dager, undervisning på engelsk.
Ja – omfattende labber dekker bl.a. chain of custody, identifisering og erverv av enheter, minnedump, Windows-logganalyse, Linux/macOS-undersøkelser, regex og data-carving, artefaktgjenfinning, Android-kobling og incident response – slik at funn kan forsvares i retten.
Kursavgiften er 35 000 NOK, og eksamen er inkludert i prisen.
Du får tilgang til Mile2 sitt digitale læringssystem, offisielt kursmateriell, videoer og øvelser.
Ja – kurset inkluderer sertifiseringseksamner Certified Digital Forensics.
Eksamen varer ca. 2 timer og består av 100 multiple-choice spørsmål
Eksamen tas online via Mile2 sin læringsplattform.
Sertifiseringen er gyldig i 3 år. For å beholde den må du:
Ja – kurset tilbys både som fysisk kurs i klasserom og som live, virtuelt kurs.
Ja – kurset kan tilbys bedriftsinternt og tilpasses organisasjonens behov.
Ja – vi tilbyr bedriftsinterne kurs både fysisk og virtuelt.