CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), 3rd Edition

Chapter 17 Introduction to Computer Forensics and Incident Response

CERTIFICATION OBJECTIVES

17.01 Working with Evidence

17.02 Collecting Digital Evidence

17.03 Looking at Incident Response

QQUESTIONS

All electronic devices we use daily, from our cars, to cell phones, to personal computers, leave digital footprints. Computer forensics refers to the documentation, acquisition, and preservation of this digital data for use as evidence. Care must be taken to ensure that the proper steps are taken to perform data acquisition legally and respond to security incidents. Periodic drills and exercises ensure that team members are familiar with response actions.

1. What must be determined by the first responder to an incident?

A. The ...

Get CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), 3rd Edition by Daniel Lachance, Glen E. Clarke

Chapter 17

Introduction to Computer Forensics and Incident Response

QQUESTIONS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly