GCFA: GIAC Certification Forensic Analyst Exam Details

The acronym for GCFA is GIAC certification forensic analyst. This certification exam validates the candidate’s knowledge and skills on the ability in handling advanced incident scenarios, conducting formal investigations, and carrying out forensic investigation of hosts and networks and other complex forensic issues. From this exam, candidates will also get knowledge on the ability to perform incident and forensic investigation in the organizations. After successful completion of the exam, candidates will become GIAC forensic analyst. The course mainly focuses on the skills that are required for analyzing and collecting data from Linux and Windows computer systems.

Training and Prerequisites:

For applying this certification, there is no mandatory prerequisite required. Any candidate who is interested in learning about the GCFA can apply for it. This course will suit best to the professionals, who are working in incident response, computer forensics, and information security field.

Regarding training, there are no specific training required for this certification but there are various sources available for the study guides and online dumps. It is recommended to gain practical knowledge about the course and various computer information security books are available in the market.

Exam Information:

The examination consists of 150 questions and the time duration allotted for this exam is approximately 4 hours. Minimum score to pass this exam is 69% or 104 out of 150. After successful completion, candidates will receive the certification from Global Information Assurance Certification (GIAC) within 3 weeks from the result date.

The following are the GCFA exam objectives and candidates need to practice all these topics before applying the exam. They are:

Computer forensic core
Application footprinting
Data layer examination and file system
Analysis / preservation guidelines and laws / Evidence Acquisition