Which of the following details must appear on a chain-of-custody form to maintain the integrity and admissibility of digital evidence during an investigation?
The organization's entire network topology diagram
The purchase price of the storage media used to hold the forensic image
The names, signatures, and date/time entries for each individual who handled the evidence
The vulnerability severity score (CVSS) associated with the exploited vulnerability
A valid chain-of-custody record tracks who handled the evidence and when they did so. Recording the names (and signatures) of each custodian, along with the date and time the evidence changed hands, creates an unbroken timeline that demonstrates the evidence was not tampered with. Network diagrams, CVSS scores, or the purchase cost of storage media are not required elements and do not prove continuous control of the evidence.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is chain of custody in evidence handling?
Open an interactive chat with Bash
Why is documentation crucial in maintaining chain of custody?
Open an interactive chat with Bash
What can happen if the chain of custody is broken?