Cyprus
England
Greece
Ireland
CMI is the Premier Advanced Level Malware Investigation / Computer Forensics Certification.
Discover the only certification that tests your knowledge beyond conventional static computer forensics analysis. CMI validates your skills in conducting malware analysis, from the principles surrounding differing analysis environments and 7Safe’s malware investigation methodology to investigating network activity resulting from malicious software infection.
CMI Certification Path & Tracks:
CMI Exam Syllabus
Analysis Environments
a. Identify and define the five analysis environments
b. Identify situations in which each of the investigation environments could be used effectively
c. Identify their respective levels of risk both to the original data as well as other systems
2. Malicious Software
a. Define the term “malicious software”
b. Identify and define different types of malicious software
c. Identify similarities and differences between different types of malicious software
3. Malware Investigation
a. Identify the stages of malware investigation
b. Critically assess the capabilities and limitations of anti-malware tools
c. Identify the different means of running software at system start-up
4. Methods of Deception
a. Identify mechanisms of malware delivery
b. Identify mechanisms of disguise
c. Identify client security circumvention
5. Mounted Analysis
a. Mounting forensic images as logical drives
b. Using malware scanners against the mounted image
c. Documenting the results of malware scans
d. Using online scanners for further clarification
6. Booted Analysis
a. Identify approaches to creating a booted analysis environment
b. Experiment with making a Virtual Machine
c. Identifying password implications
d. Identifying and explaining the potential differences between mounted and booted analysis results
7. Network Analysis
a. Identify key reasons for network analysis
b. Methods of building a network for analysis
c. Explaining network communication protocols
d. Using traffic analysis tools for network analysis
e. External Port Analysis
f. Identifying and explaining the potential differences between network and other analysis results
8. Virtualisation Malware
a. Explain how hardware Hypervisor support allows for virtualisation malware
b. Define Type I, Type II and Type III malware
9. Simplifying Complex Evidence
a. Aiming the report at a subject knowledge level fitting the target audience
b. Discuss a sample report outline
WHO IS THE CMI CERTIFICATION FOR?
Those responsible or eager to become responsible for computer forensic investigation, including:
- Forensic & Network Investigators
- Information Security Professionals
- IT Security Officers
- Law Enforcement Officials
- Computer Auditors
- Crime Prevention Officers
‘Gaining the CMI certification has given me well-rounded knowledge of the fundamental aspects of malware analysis. I have been able to confidently assess the severity of a particular situation involving malware software and implement important recovery steps which have been invaluable to my organisation. I would highly recommend this unique malware analysis certification’
IT Technical Specialist – Software Engineering Company
