CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition

Chapter 21

Incident Response and Computer Forensics

CERTIFICATION OBJECTIVES

21.01 Working with Evidence

21.02 Collecting Digital Evidence

21.03 Looking at Incident Response

QUESTIONS

All electronic devices we use daily, from our cars and cell phones, to laptops and personal computers, leave digital footprints. Computer forensics refers to the documentation, acquisition, and preservation of this digital data for use as evidence. It’s vitally important that you ensure that the proper steps are taken to respond to security incidents and to perform data acquisition legally.

Incident preparation activities such as periodic drills, incident simulations and walkthroughs, and tabletop exercises ensure that team members are familiar with ...

Get CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ Certification Practice Exams, Fourth Edition (Exam SY0-601), 4th Edition by Daniel Lachance, Glen E. Clarke

Chapter 21

QUESTIONS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly