Free CompTIA CySA+ CS0-003 Practice Question

You are a cybersecurity analyst who has just collected a hard drive as evidence for a suspected data breach. What is the most important next step to ensure that the chain of custody is intact?

  • Scanning the hard drive for any signs of malware

  • Securing the hard drive in tamper-evident packaging

  • Transferring the hard drive to the forensic lab

  • Labeling the hard drive with the date and time of collection

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.