An organization's security team has collected digital evidence during an investigation of a potential data breach. Which of the following is the BEST approach for storing this evidence to maintain its admissibility in court?
Utilize remote cloud storage with encryption and authentication safeguards
Conduct integrity verification by updating file timestamps to confirm system operation
Implement a secure storage facility with access controls, documentation of evidence handling, and physical protection measures
Create copies of digital evidence and distribute them to security team members for parallel analysis
The correct answer is to implement a secure storage facility with access controls, documentation of evidence handling, and physical protection measures. When storing digital evidence, maintaining the Chain of Custody (CoC) is paramount to ensure admissibility in court proceedings. This means documenting who has handled the evidence, when they accessed it, and for what purpose. Additionally, physical security measures such as controlled access to the storage facility and tamper-evident containers provide protection against unauthorized access or manipulation. Temperature and humidity controls are important for certain types of physical evidence but are secondary to CoC documentation for digital evidence. While integrity checks are valuable, they should be conducted in a manner that doesn't alter the original evidence. Making copies for analysis is a good practice but doesn't replace proper storage procedures. Remote cloud storage introduces potential CoC challenges that could compromise admissibility.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the Chain of Custody (CoC) and why is it important for digital evidence?
Open an interactive chat with Bash
What measures are included in physical security for digital evidence storage?
Open an interactive chat with Bash
Why is using remote cloud storage not ideal for storing digital evidence?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .