CS0-003 · Question #499
CS0-003 Question #499: Real Exam Question with Answer & Explanation
The correct answer is D: Chain of custody. The chain of custody is a documented history that tracks how evidence is handled, collected, transported, and preserved at every stage of the forensic investigation. If a gap exists in the record of who transferred or accessed the evidence, it could call into question the integri
Question
An auditor is reviewing an evidence log associated with a cyber crime. The auditor notices that a gap exists between individuals who were responsible for holding onto and transferring the evidence between individuals responsible for the investigation. Which of the following best describes the evidence handling process that was not property followed?
Options
- AValidating data integrity
- BPreservation
- CLegal hold
- DChain of custody
Explanation
The chain of custody is a documented history that tracks how evidence is handled, collected, transported, and preserved at every stage of the forensic investigation. If a gap exists in the record of who transferred or accessed the evidence, it could call into question the integrity and admissibility of the evidence.
Topics
Community Discussion
No community discussion yet for this question.