210-255 · Question #112
Which type verification typically consists of using tools to compute the message digest of the original and copies data, then comparing the digests to make sure that they are the same?
The correct answer is B. data integrity. Data integrity verification in digital forensics uses cryptographic hash algorithms to compute message digests of original and copied data, then compares them to confirm that no alteration occurred during collection or transfer.
Question
Which type verification typically consists of using tools to compute the message digest of the original and copies data, then comparing the digests to make sure that they are the same?
Options
- Aevidence collection order
- Bdata integrity
- Cdata preservation
- Dvolatile data collection
How the community answered
(52 responses)- A2% (1)
- B94% (49)
- C4% (2)
Why each option
Data integrity verification in digital forensics uses cryptographic hash algorithms to compute message digests of original and copied data, then compares them to confirm that no alteration occurred during collection or transfer.
Evidence collection order refers to the order of volatility principle - collecting the most volatile data first - and does not involve computing or comparing message digests.
Data integrity is the process of ensuring that data has not been altered, and the standard method is to compute a hash (message digest) of the original data and the copy using algorithms such as MD5 or SHA-256. If both digests match, the copy is a bit-for-bit identical duplicate of the original. This process is a foundational requirement in forensic evidence handling to prove that collected data was not tampered with.
Data preservation refers to the practice of protecting data from modification or loss, not a specific verification process involving digest comparison.
Volatile data collection refers to acquiring data from ephemeral sources such as RAM and running processes, and is unrelated to digest-based verification.
Concept tested: Data integrity verification using cryptographic hashing
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-86.pdf
Topics
Community Discussion
No community discussion yet for this question.