Crucial Exams

ISC2 Certified Cloud Security Professional (CCSP) Practice Question

During a cloud-hosted breach investigation, a security analyst must export hypervisor log files from the provider's management plane to the corporate forensic repository. Which action best maintains the evidentiary value of the logs so they remain admissible in court?

  • Take timestamped screenshots of the log entries, email them to yourself, and request the cloud provider keep the raw files for 90 days.

  • Export the logs via secure FTP, then encrypt the archive with the organization's public PGP key before distribution to the investigation team.

  • Generate a cryptographic hash of the original logs, copy them to read-only media, recalculate the hash on the copies, and record each hand-off in a chain-of-custody log.

  • Compress the log directory on the hypervisor to reduce size, delete the uncompressed originals, and transfer the archive over an encrypted tunnel.

ISC2 Certified Cloud Security Professional (CCSP)
Cloud Security Operations
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot