nerdexam
(ISC)2

CISSP-ISSMP · Question #86

Which of the following needs to be documented to preserve evidences for presentation in court?

The correct answer is D. Chain of custody. Chain of custody is the chronological documentation that records the seizure, custody, control, transfer, analysis, and disposition of physical or digital evidence. Maintaining a proper chain of custody ensures that evidence has not been tampered with or contaminated, which is es

Security Operations Management

Question

Which of the following needs to be documented to preserve evidences for presentation in court?

Options

  • ASeparation of duties
  • BAccount lockout policy
  • CIncident response policy
  • DChain of custody

How the community answered

(26 responses)
  • A
    4% (1)
  • D
    96% (25)

Explanation

Chain of custody is the chronological documentation that records the seizure, custody, control, transfer, analysis, and disposition of physical or digital evidence. Maintaining a proper chain of custody ensures that evidence has not been tampered with or contaminated, which is essential for its admissibility in court. Separation of duties, account lockout policies, and incident response policies are important security practices, but they are not the mechanism used to preserve and authenticate the integrity of evidence for legal proceedings.

Topics

#Chain of custody#Evidence preservation#Digital forensics#Legal admissibility

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice