CompTIA
SY0-301 Question #899: Real Exam Question with Answer & Explanation
Question
The incident response team has received the following email message.

From: [email protected]
To: [email protected]
Subject: Copyright infringement

A copyright infringement alert was triggered by IP address 13.10.66.5 at 09:50:01 GMT.

After reviewing the following web logs for IP 13.10.66.5, the team is unable to correlate and identify the incident.

09:45:33 13.10.66.5 http://remote.site.com/login.asp?user=john
09:50:22 13.10.66.5 http://remote.site.com/logout.asp?user=anne
10:50:01 13.10.66.5 http://remote.site.com/access.asp?file=movie.mov
11:02:45 13.10.65.5 http://remote.site.com/download.asp?movie.mov=ok

Which of the following is the MOST likely reason why the incident response team is unable to identify and correlate the incident?
Options
- A. The logs are corrupt and no longer forensically sound.
- B. Traffic logs for the incident are unavailable.
- C. Chain of custody was not properly maintained.
- D. Incident time offsets were not accounted for.