Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam 220-1102 Topic 4 Question 22 Discussion

Actual exam question for CompTIA's 220-1102 exam
Question #: 22
Topic #: 4
[All 220-1102 Questions]

Maintaining the chain of custody is an important part of the incident response process. Which of the following reasons explains why this is important?

Show Suggested Answer Hide Answer
Suggested Answer: C

Maintaining the chain of custody is important to control evidence and maintain integrity. The chain of custody is a process that documents who handled, accessed, or modified a piece of evidence, when, where, how, and why. The chain of custody ensures that the evidence is preserved, protected, and authenticated throughout the incident response process. Maintaining the chain of custody can help prevent tampering, alteration, or loss of evidence, as well as establish its reliability and validity in legal proceedings. Maintaining an information security policy, properly identifying the issue, and gathering as much information as possible are not reasons why maintaining the chain of custody is important. Maintaining an information security policy is a general practice that defines the rules and guidelines for securing an organization's information assets and resources. Properly identifying the issue is a step in the incident response process that involves analyzing and classifying the incident based on its severity, impact, and scope. Gathering as much information as possible is a step in the incident response process that involves collecting and documenting relevant data and evidence from various sources, such as logs, alerts, or witnesses.Reference:

Official CompTIA learning resources CompTIA A+ Core 1 and Core 2, page 26


by Raymon at Oct 18, 2023, 03:57 PM

Limited Time Offer

25%

Off

Get Premium 220-1102 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Fletcher
7 months ago
Ha, yeah, that's a good point. It's all about balance. You need the chain of custody to protect the evidence, but you also need to make sure you're actually, you know, investigating the incident and not just guarding some papers. Gotta keep the big picture in mind.
upvoted 0 times
...
Joye
7 months ago
I agree, C is the way to go. Although, I have to say, option D about gathering as much information as possible is also pretty important. We don't want to just focus on the chain of custody and forget about the actual investigation, you know?
upvoted 0 times
...
Carisa
7 months ago
Exactly! That's why option C is the right answer. Controlling the evidence and maintaining its integrity is the whole purpose of the chain of custody. The other options, while important, don't really get to the heart of why this process is crucial.
upvoted 0 times
...
Shelba
7 months ago
Hmm, this is a tricky one. The chain of custody is so important because if the evidence is mishandled or compromised, it could totally undermine the entire investigation. We need to make sure the integrity is maintained at all times.
upvoted 0 times
...

Save Cancel