CompTIACompTIA
220-1102 · Question #63
220-1102 Question #63: Real Exam Question with Answer & Explanation
The correct answer is B: Chain of custody. Throughout the forensic evidence life cycle, the chain of custody must be meticulously maintained to ensure the integrity and admissibility of the evidence.
Operational Procedures
Question
Which of the following must be maintained throughout the forensic evidence life cycle when dealing with a piece of evidence?
Options
- AAcceptable use
- BChain of custody
- CSecurity policy
- DInformation management
Explanation
Throughout the forensic evidence life cycle, the chain of custody must be meticulously maintained to ensure the integrity and admissibility of the evidence.
Common mistakes.
- A. Acceptable use policies govern how users interact with IT resources but are not specific to the handling and preservation of forensic evidence.
- C. A security policy outlines an organization's security posture and rules but is not the specific mechanism for tracking the handling of individual pieces of evidence.
- D. Information management is a broad discipline concerning the organization and storage of information, which is too general to specifically address the integrity of forensic evidence.
Concept tested. Digital forensics chain of custody
Reference. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-86.pdf
Topics
#Chain of custody#Forensic evidence#Evidence handling#Digital forensics
Community Discussion
No community discussion yet for this question.