CompTIA Study Materials
AWS Study Materials
AWS Cloud Practitioner AWS Cloud Practitioner
AWS Cloud Practitioner CLF-C02
Microsoft Study Materials
Microsoft Azure Fundamentals Microsoft Azure Fundamentals
Microsoft Azure Fundamentals AZ-900

Free CompTIA CySA+ CS0-003 Practice Question

An analyst is responsible for collecting hard drives from compromised systems after a security breach to facilitate a forensic investigation. Which of the following best ensures that the integrity of the evidence is maintained and admissible in court?

  • Marking the hard drives with identification tags that include a case number and the date of acquisition.

  • Ensuring that the evidence is stored in a secure location with restricted access.

  • Quickly acquiring the evidence before it can be tampered with by unauthorized personnel.

  • Using standardized forms to document who accessed the evidence, the date/time of access, and the purpose of handling, each time the evidence is handled.

This question is for objective:
Incident Response and Management
Your Score:
Incident Response and Management
Security Operations
Vulnerability Management
Reporting and Communication