According to NIST, which step in the digital forensics process involves identifying potential sources of forensic data, its acquisition, handling, and storage?

According to NIST, which step in the digital forensics process involves identifying potential sources of forensic data, its acquisition, handling, and storage?

• examination
• analysis
• reporting
• collection

Explanation: NIST describes the digital forensics process as involving the following four steps:

• Collection - the identification of potential sources of forensic data and acquisition, handling, and storage of that data.
• Examination - assessing and extracting relevant information from the collected data. This may involve decompression or decryption of the data.
• Analysis - drawing conclusions from the data. Salient features, such as people, places, times, events, and so on should be documented.
• Reporting - preparing and presenting information that resulted from the analysis. Reporting should be impartial and alternative explanations should be offered if appropriate.

Exam with this question: CyberOps Associate (Version 1.0) - Module 28: Digital Forensics and Incident Analysis and Response Answers
Exam with this question: Checkpoint Exam: Incident Response Answers
Exam with this question: Cyber Threat Management: My Knowledge Check Answers