Certified Computer Examiner (CCE)
The CCE certification is where the fields of computer science and law enforcement come together. After obtaining this certification, you will be prepared to enter the exciting and challenging world of Computer Forensics, analyzing hardware and software for digital evidence and working with law enforcement to prepare evidentiary findings.
Certified Computer Examiner (CCE)
This course is no longer offered. See our updated Computer Forensics Boot Camp
The Certified Computer Examiner (CCE) certification is available through the Southeast Cybercrime Institute at Kennesaw State University. Registration is available the Kennesaw State University Registrar’s office.
If a computer examination is conducted in a manner where the results can be duplicated by other examiners and all of the evidence is properly presented by the examiner, there is little that can be successfully challenged about the scientific certainty of the results. The certified computer examiner certification is a result of our desire to help ensure that forensic computer examiners use sound, verifiable methodologies, follow accepted handling of evidence procedures and adhere to sound ethical standards in presenting their evidence.
The Certified Computer Examiner (CCE) certification is available to any US citizen who has no criminal record and who has the appropriate training or experience. International and non-us citizens are eligible for the Certified Computer Examiner (CCE), however each application will be evaluated on a case-by-case basis. A police clearance will be required.
In order to be complete the Certified Computer Examiner (CCE) certification process, the applicant must:
- Have no criminal record
- Meet minimum experience or training requirements
- Abide by the certification’s code of ethical standards
- Pass an online examination
- Successfully perform actual forensic examinations on three test media
- In order to maintain the Certified Computer Examiner (CCE) certification, certified individuals must adhere to the Certified Computer Examiner (CCE) code of ethical standards and pass proficiency examinations every two years. There will also be continuing education requirements. These requirements have not been formally established yet.
A no-fee private Certified Computer Examiner (CCE) list server has been established for all Certified Computer Examiner (CCE)s to discuss forensic issues and to share forensic information with other Certified Computer Examiner (CCE)s.
The initial Certified Computer Examiner (CCE) certification process will encompass:
- Acquisition, marking, handing and storage of evidence procedures
- Chain of custody
- Essential “core” forensic computer examination procedures
- The “Rules of Evidence” as they relate to computer examinations
- Basic PC hardware construction and theory
- Very basic networking theory
- Basic data recovery techniques
- Authenticating MS Word documents and accessing and interpreting metadata
- Basic CDR recording processes and accessing data on CDR media
- Basic password recovery techniques
- Basic internet issues
- Various operating system specific endorsements are/will be available.
- Endorsements include:
- The Microsoft FAT (Windows 95/98) operating systems and forensic issues related to those operating systems.
- The Microsoft NTFS (Windows NT/2000/XP) operating systems and forensic issues related to those operating systems.
- The Unix/Linux operating systems and forensic issues related to those operating systems.
- The MAC/Apple operating systems and forensic issues related to those operating systems.
- Those Certified Computer Examiner (CCE)s who obtain three or more operating system endorsements will become Master Certified Computer Examiners (MCertified Computer Examiner (CCE)).
The initial Certified Computer Examiner (CCE) process consists of a proctored online multiple choice question and answer examination, the forensic examination of a floppy diskette, the forensic examination of a CDR disk and the forensic examination of an image of a hard disk drive. An 80% or better average score is required to complete the process. Once the online examination has been completed, the applicant can then begin the forensic examination of the test media. The forensic examinations are designed to test the forensic knowledge and skills of the examiner. The examiner must have the appropriate tools. See Software Necessary for more information.
The primary purpose of this certification is to measure if the applicant understands and uses sound evidence handling and storage procedures and follows sound forensic examinations procedures when conducting examinations. There are reasonable technical issues that must be resolved in order to recover the evidentiary data. However, most of the grade is based upon following sound evidence handling and storage procedures and following sound examination procedures, not simply recovering the data. An 80% total average score will be required to obtain the Certified Computer Examiner (Certified Computer Examiner (CCE))® certification. Do not assume that we know your standard operating procedures. Your grade will be based solely upon what you have written in your reports and the exhibits that you provide.
If you wish to be notified of new information about the Certified Computer Examiner process as it becomes available, you can subscribe to the public Certified Computer Examiner (CCE) list server.
There is a 90-day time limit to complete this process. The 90 days starts when we send the first problem. We will extend this 90-day time period for reasons that we consider valid. In order to gain an extension, the applicant must apply for the extension before the 90-day period expires. We must approve the request in order for the extension to be granted.
We recognize that there may be differences of “expert” opinion about technical issues. A number of recognized computer forensic experts have thoroughly tested and vetted the Certified Computer Examiner (CCE) problems. We feel that the technical issues are clearly laid out, they are practical and are issues that a competent examiner should be able to discover and report. However, there is an appeal process for the Certified Computer Examiner (CCE) problems and the granting of extensions. The appeals board is impartial and will thoroughly examine all appeals by applicants.
No Criminal Record
Criminal record defined:
A conviction within or outside the United States of any sexually related offense or crime of moral turpitude.
A conviction within or outside the United States of any crime that is classified as a felony or where the penalty could have been more than 2 years imprisonment. Even if no sentence was received, the possible maximum sentence in the jurisdiction where the conviction occurred is the deciding factor.
Been the subject of a restraining order or similar court order.
Any conviction for sexual battery or similar sexual offense where the sentence could have been less than 2 years imprisonment.
Convictions for minor criminal offenses may be allowed, but will be evaluated on a case-by-case basis. However we recommend, even if you have a minor conviction, that you do not apply for the Certified Computer Examiner (CCE). Even in the rare instance where we accept the applicant into the Certified Computer Examiner (CCE) process and they successfully complete the process, any conviction could bring an examiner’s credibility into issue when the examiner testifies in court.
Certified Computer Examiner Boot Camp
Award-winning training that you can trust
Best Software - Highest Satisfaction
Best IT Security-related Training Program
Best Cybersecurity Podcast
Cyber Work with Chris Sienko
Innovation Award - Software
Technical Skills Development Software
Exceptional learning experiences powered by LX Labs cyber expertise
Infosec Skills boot camps are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet each boot camp to guarantee it meets certification and compliance requirements and aligns with recognized guidelines like the NICE Cybersecurity Workforce Framework.