CompTIA Security+ SY0-701 Practice Question

During an incident response, a security analyst has identified a server that may have been compromised. The analyst decides to take an image of the server's hard drive for further analysis. Which of the following is the MOST critical step to ensure the integrity of the investigation?

Document the process and the individuals involved in handling the server.
Limit access to the server by updating access control lists.
Physically secure the server to prevent further access.
Generate a digital hash of the server's hard drive image.

CompTIA Security+ SY0-701

Security Operations

Your Score:

SAVE $49

CompTIA Security+ Voucher (SY0-701)

$404.00 $355.00

Bash, the Crucial Exams Chat Bot

AI Bot

CompTIA Security+ SY0-701 Practice Question

Answer Description

Ask Bash

What is a digital hash and how does it work?

Why is it important to ensure the integrity of digital evidence during an investigation?

What steps should be taken to properly document the incident response process?

Monthly

$14.99

billed monthly
(cancel any time)

3 Month Pass

$34.99

One time purchase
Does not auto-renew.

Annual Pass

$59.99

One time purchase
Does not auto-renew.

Lifetime Pass

$119.99

One time purchase
Good for life.

All Certifications

Unlimited Practice Tests

Unlimited Questions

Zero Ads

Track scores

Report Cards

Major Voucher Discounts

Advanced PBQs

CompTIA Security+ SY0-701 Practice Question

Report Issue

Answer Description

Ask Bash

What is a digital hash and how does it work?

Why is it important to ensure the integrity of digital evidence during an investigation?

What steps should be taken to properly document the incident response process?

Report Issue