CompTIA CySA+ CS0-003 Practice Question
What is the primary purpose of maintaining a documented chain of custody for digital evidence acquired during an incident response?
To ensure that the evidence can be safely ignored in the incident response
To create a backup of the digital evidence
To establish that the evidence has not been altered, tampered with, or otherwise compromised
To provide a detailed analysis of the evidence