GIAC Exam GCED Topic 1 Question 62 Discussion

Actual exam question for GIAC's GCED exam

Question #: 62
Topic #: 1

[All GCED Questions]

Which of the following is the best way to establish and verify the integrity of a file before copying it during an investigation?

AWrite down the file size of the file before and after copying and ensure they match

BEnsure that the MAC times are identical before and after copying the file

CEstablish the chain of custody with the system description to prove it is the same image

DCreate hash of the file before and after copying the image verifying they are identical

Show Suggested Answer

Suggested Answer: D

by Shawana at Apr 07, 2025, 09:55 PM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

11 hours ago

I think the best way is to create a hash of the file before and after copying.

upvoted 0 times

...