The correct action is ensuring the integrity of evidence (Answer A) because law enforcement agencies rely on precise and uncontaminated data for their investigations. This involves preserving logs, preventing tampering with the scene, and documenting all actions taken. Notifying specific employees (Answer B) and informing end users (Answer C) can be parts of the communication process, but they do not directly address the needs of law enforcement. Patching systems (Answer D) is critical but should follow proper evidence collection to avoid destroying crucial information.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is preserving the integrity of evidence crucial during a security breach?
Open an interactive chat with Bash
What specific actions should a cybersecurity analyst take to ensure evidence integrity?
Open an interactive chat with Bash
What role do law enforcement agencies play in responding to a security breach?