To ensure that the chain of custody is maintained, what three items should be logged about evidence that is collected and analyzed after a security incident has occurred? (Choose three.)

ITExamAnswers Staff asked 9 months ago


  • measures used to prevent an incident
  • time and date the evidence was collected
  • extent of the damage to resources and assets
  • vulnerabilities that were exploited in an attack
  • serial numbers and hostnames of devices used as evidence
  • location of all evidence

Explanation: A chain of custody refers to the proper accounting of evidence collected about an incident that is used as part of an investigation. The chain of custody should include the location of all evidence, the identifying information of all evidence such as serial numbers and hostnames, identifying information about all persons handling the evidence, and the time and date that the evidence was collected.

More Questions: CCNA Cyber Ops Chapter 13 Exam Answers

