EC Council Associate - Cyber Forensics Associate Certification Exam

EC Council Associate - Cyber Forensics Associate Certification Exam

  • $106.20
    Unit price per 
  • Save $0

The Cyber Forensics Associate(C|FA)  certification demonstrates an individual’s knowledge on how to detect hacking attacks and properly extract evidences to report the crime and conduct audits to prevent future attacks. Individuals who learn the principles of digital forensics can become invaluable members of incident handling and incident response teams.

The purpose of the Cyber Forensics Associate credential is to validate the candidate’s skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.

The Exam

  • Number of Questions: 40
  • Question Types: Project-based testing
  • Duration: Up to 50 minutes

The Learning + Exam Outcomes  

  • Analysis - Analyze forensic images. Apply procedural concepts required to use forensic tools. Apply basic malware analysis using NIST accepted forensic techniques and tools. Identify anti-forensics techniques. Determine the important content of event logs in forensics
  • Discovery - Apply procedural concepts necessary to detect a hidden message inside a picture. Analyze a conversation between two endpoints from a PCAP file. Recognize that devices are kept in the same state as they were found. Determine how to gather evidence in a forensically sound manner. Apply procedural concepts required to discover evidence on different file systems. Apply procedural concepts required to gather evidence on different operating systems. Identify proper steps in network capture. Given a scenario, determine evidence of email crimes
  • Evidence - Determine and report logon/logoff times for a specific user. Verify the authenticity of evidence (e.g., hash value). Summarize the proper handling of evidence. Outline the process for creating a forensically sound image. Apply evidence collection to the chain of custody. Discriminate between a live acquisition and static acquisition
  • Documentation and Reporting - Apply forensic investigation methodology. Identify the steps necessary to validate an emergency contact list for incident response. Analyze a scene to determine what should be visually documented. Report findings from a malware analysis. Identify the elements of a complete forensics report. Communicate the results of an investigation to an internal team
  • Cyber Forensics Fundamentals - Identify different types of cybercrime. Communicate incident handling and the response process. Distinguish between steganography and cryptography

Learning Material (optional)

  • Online/Self Learn Training (E-Book + Ilab)

 Other information:

  • Examination held online and generally on Saturdays
  • Examination date scheduled according to edVentr calendar (via edVentr Support Team after purchase)
  • Examination other than edVentr calendar date can be booked at an additional fee (liaise with edVentr Support team after purchase)
  • Certification issued digitally by Adobe (immediately after passing)
  • After passing you can also claim a digital badge (see product image) for your resume or Linkedin profile 


  • Operating system: Windows 10 / Mac OSX Sierra 10.12 or higher
  • Chrome OS
  • Supported browsers: The preferred internet browser is Chrome. Internet Explorer, Edge, and Safari are also supported
  • Screen resolution of 1280 x 800
  • Input Devices: Full Keyboard and Mouse
  • Internet Connection: A download speed of at least 5 Mbps