Use the following scenario to answer the questions. A company has just had a cybersecurity incident. The threat actor or actors appeared to have a goal of network disruption and appeared to use a common security hack tool that overwhelmed a particular server with a large amount of traffic, which rendered the server inoperable.
The security team at this company has removed the compromised server and preserved it with the security hack still embedded. What type of evidence is this?
- best
- classified
- corroborating
- indirect
Explanation: Evidence is classified as direct or indirect. Direct evidence is that the accused was caught in the act, there is an eyewitness, or the evidence is indisputable. Three other types of evidence are best, corroborating, and indirect. Best is evidence in its original state. Corroborating evidence supports an assertion developed from best evidence. Indirect evidence provides support for a hypothesis.
Exam with this question: CCNA Cyber Ops Chapter 12 Exam Answers
Please login or Register to submit your answer