Chapter 17
Introduction to Computer Forensics and Incident Response
CERTIFICATION OBJECTIVES
17.01 Working with Evidence
17.02 Collecting Digital Evidence
17.03 Looking at Incident Response
QQUESTIONS
All electronic devices we use daily, from our cars, to cell phones, to personal computers, leave digital footprints. Computer forensics refers to the documentation, acquisition, and preservation of this digital data for use as evidence. Care must be taken to ensure that the proper steps are taken to perform data acquisition legally and respond to security incidents. Periodic drills and exercises ensure that team members are familiar with response actions.
1. What must be determined by the first responder to an incident?
A. The ...
Get CompTIA Security+ Certification Practice Exams, Third Edition (Exam SY0-501), 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.