ExamGecko
Search Search Login
Home Home / CompTIA / SY0-601
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?
HOTSPOT You received the output of a recent vulnerability assessment. Review the assessment and scan output and determine the appropriate remedialion(s} 'or «ach dewce. Remediation options may be selected multiple times, and some devices may require more than one remediation. If at any time you would like to biing bade the initial state ot the simulation, please dick me Reset All button.
A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system Which of the following would detect this behavior?
A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?
Which of the following threat actors is most likely to be motivated by ideology?
Which Of the following vulnerabilities is exploited an attacker Overwrite a reg-ister with a malicious address that changes the execution path?
Which Of the following will provide the best physical security countermeasures to Stop intruders? (Select two).
Which of the following would most likely include language prohibiting end users from accessing personal email from a company device?
A police department is using the cloud to share information city officials Which of the cloud models describes this scenario?
Which of the following is a solution that can be used to stop a disgruntled employee from copying confidential data to a USB drive?

Question 304 - SY0-601 discussion

Report
Export

A systems analyst is responsible for generating a new digital forensics chain -of- custody form Which of the following should the analyst include in this documentation? (Select two).

A.
The order of volatility
Answers
A.
The order of volatility
B.
A forensics NDA
Answers
B.
A forensics NDA
C.
The provenance of the artifacts
Answers
C.
The provenance of the artifacts
D.
The vendor's name
Answers
D.
The vendor's name
E.
The date and time
Answers
E.
The date and time
F.
A warning banner
Answers
F.
A warning banner
Suggested answer: C, E

Explanation:

A digital forensics chain-of-custody form is a document that records the chronological and logical sequence of custody, control, transfer, analysis, and disposition of digital evidence. A digital forensics chain-of-custody form should include the following information:

The provenance of the artifacts: The provenance of the artifacts refers to the origin and history of the digital evidence, such as where, when, how, and by whom it was collected, handled, analyzed, or otherwise controlled.

The date and time: The date and time refer to the specific moments when the digital evidence was collected, handled, analyzed, transferred, or disposed of by each person involved in the chain of custody.

Other information that may be included in a digital forensics chain-of-custody form are:

The identification of the artifacts: The identification of the artifacts refers to the unique identifiers or labels assigned to the digital evidence, such as serial numbers, barcodes, hashes, or descriptions. The signatures of the custodians: The signatures of the custodians refer to the names and signatures of each person who had custody or control of the digital evidence at any point in the chain of custody.

The location of the artifacts: The location of the artifacts refers to the physical or logical places where the digital evidence was stored or processed, such as a lab, a server, a cloud service, or a device.

Reference: https://www.comptia.org/certifications/security#examdetails https://www.comptia.org/content/guides/comptia-security-sy0-601-exam-objectives https://resources.infosecinstitute.com/topic/chain-of-custody-in-digital-forensics/

Show Answer
asked 02/10/2024
Zden Bohm Autocont a.s.
27 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms