which of the following should be the FIRST step?

When creating a forensic image of a hard drive, which of the following should be the FIRST step? A. Identify a recognized forensics software tool to create the image. B. Establish a chain of custody log. C. Connect the hard drive to a write blocker. D. Generate a cryptographic hash of the hard drive contents. […]

Read More

Which of the following disaster recovery testing techniques is the MOST cost-effective way to determine the effectiveness of

Which of the following disaster recovery testing techniques is the MOST cost-effective way to determine theeffectiveness of the plan? A. Preparedness tests B. Paper tests C. Full operational tests D. Actual service disruption Explanation: Preparedness tests would involve simulation of the entire test in phases and help the team better understand and prepare for the […]

Read More

which of the following should be the FIRST priority?

When electronically stored information is requested during a fraud investigation, which of the following should be the FIRST priority? A. Assigning responsibility for acquiring the data B. Locating the data and preserving the integrity of the data C. Creating a forensically sound image D. Issuing a litigation hold to all affected parties Explanation: Locating the […]

Read More

which of the following?

Recovery point objectives (RPOs) can be used to determine which of the following? A. Maximum tolerable period of data loss B. Maximum tolerable downtime C. Baseline for operational resiliency D. Time to restore backups Explanation: The RPO is determined based on the acceptable data loss in the case of disruption of operations. It indicates the […]

Read More

which is the MOST important aspect of forensic investigations?

Of the following, which is the MOST important aspect of forensic investigations? A. The independence of the investigator B. Timely intervention C. Identifying the perpetrator D. Chain of custody Explanation: Establishing the chain of custody is one of the most important steps in conducting forensic investigations since it preserves the evidence in a manner that […]

Read More

Which of the following would be a MAJOR consideration for an organization defining its business continuity plan (BCP) or

Which of the following would be a MAJOR consideration for an organization defining its business continuity plan(BCP) or disaster recovery program (DRP)? A. Setting up a backup site B. Maintaining redundant systems C. Aligning with recovery time objectives (RTOs) D. Data backup frequency Explanation: BCP, DRP should align with business RTOs. The RTO represents the […]

Read More