The Certified Information Forensics Investigator (CIFI) certification is a designation earned exclusively by the most qualified information forensics professionals in the field. The CIFI encompasses multiple domains of knowledge, practical experience, and a demonstration of expertise and understanding accomplished through a rigorous exam proctored under controlled environments. This credential requires adherence to a code of ethics and is aimed at full-time professional practitioners . The certification is vendor neutral. In fact, candidates may choose to sit for the exam without any restrictions other than adherence to the International Information Systems Forensics Association (IISFA) code of ethics and the exam fee, which runs around $500.
The CIFI exam includes six areas in its common bodies of knowledge (CBKs), all strongly related to information forensics:
Auditing
Incident response
Law and investigation
Tools and techniques
Traceback
Countermeasures
The IISFA offers a short, but comprehensive reading list ( www.iisfa.org/certification/readinglist.asp ) to help candidates prepare for the exam. It also provides detailed explanations of the topics, issues, tools, and techniques relevant to the various CBKs. (Check the submenus on the Common Bodies of Knowledge page at http://www.iisfa.org/certification/cbk.asp .) The website ( http://www.infoforensics.org ) also offers various resources, newsletters, pointers to training partners , and more. Until the end of 2004, experienced computer forensics professionals also have the option of attempting to grandfather their way into CIFI certification.