The security team at this company has removed the compromised server and preserved it with the security hack still embedded. What type of evidence is this?

IT Questions BankCategory: CCNA CyberOpsThe security team at this company has removed the compromised server and preserved it with the security hack still embedded. What type of evidence is this?
The security team at this company has removed the compromised server and preserved it with the security hack still embedded. What type of evidence is this? 1ITExamAnswers Staff asked 4 months ago
Use the following scenario to answer the questions. A company has just had a cybersecurity incident. The threat actor or actors appeared to have a goal of network disruption and appeared to use a common security hack tool that overwhelmed a particular server with a large amount of traffic, which rendered the server inoperable.

The security team at this company has removed the compromised server and preserved it with the security hack still embedded. What type of evidence is this?

  • best
  • classified
  • corroborating
  • indirect

Explanation: Evidence is classified as direct or indirect. Direct evidence is that the accused was caught in the act, there is an eyewitness, or the evidence is indisputable. Three other types of evidence are best, corroborating, and indirect. Best is evidence in its original state. Corroborating evidence supports an assertion developed from best evidence. Indirect evidence provides support for a hypothesis.

More Questions: CCNA Cyber Ops Chapter 12 Exam Answers


Related Articles