New Release: Earn Rewards by referring new users! You can earn rewards redeemable for discounts on Vouchers and Memberships!

Free CompTIA CySA+ CS0-003 Practice Question

An organization has discovered suspicious activity suggesting a potential breach of their financial database. As part of the incident response, the analyst must ensure the admissibility of logs as evidence. What is the most appropriate step for the analyst to take immediately after isolating the affected system to ensure that the logs can be used for legal proceedings?

  • Generate and document cryptographic hashes of the logs to ensure their integrity

  • Apply secure time-stamping protocols to the logs to prevent future alterations

  • Create a detailed procedure log for the incident response steps taken

  • Encrypt the logs with a public key to secure the contents from unauthorized access

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Use your unique sharing link to refer friends and earn rewards! Hide these
SAVE $49
CompTIA Cybersecurity Analyst Voucher (CySA+ CS0-003)
$404.00 $355.00