In response to an incident, how should chain of custody of evidence be handled?
What will be an ideal response?
ANSWER: All collected data must be carefully processed and tracked so it does not leave official hands at any point in the forensics process. Typically, documentation used to track chain of custody describes exactly what the evidence is, when it was collected, who collected it, its condition, and how it was secured. If at any point in the process you have custody of evidence, be sure to sign off on a chain of custody document, and obtain a signature from the next person in line when you hand over custody of the evidence.
You might also like to view...
The ____________________ factor indicates the length of time a device is expected to last in operation.
Fill in the blank(s) with the appropriate word(s).
Listing exclusions in the project plan will help reduce the potential for scope ____, which is the expansion of a project beyond the original goals and objectives.
A. crawl B. sneak C. slither D. creep
A VMware vSphere 6.x Administrator is looking at the following output from esxtop on an ESXi host: What does DAVG/cmd represent?
A. Average device latency per command in milliseconds B. Average ESXi VMkernel latency per command in milliseconds C. Average queue latency per command in milliseconds D. Average guest operating system latency per command in milliseconds.
A client PC that is responsible for processing presentation logic, extensive application and business rules logic, as well as many DBMS functions is called a:
A) file server. B) file processor. C) database server. D) fat client.