An organization's security team has collected digital evidence during an investigation of a potential data breach. Which of the following is the BEST approach for storing this evidence to maintain its admissibility in court?
Conduct integrity verification by updating file timestamps to confirm system operation
Utilize remote cloud storage with encryption and authentication safeguards
Create copies of digital evidence and distribute them to security team members for parallel analysis
Implement a secure storage facility with access controls, documentation of evidence handling, and physical protection measures
The correct answer is to implement a secure storage facility with access controls, documentation of evidence handling, and physical protection measures. When storing digital evidence, maintaining the Chain of Custody (CoC) is paramount to ensure admissibility in court proceedings. This means documenting who has handled the evidence, when they accessed it, and for what purpose. Additionally, physical security measures such as controlled access to the storage facility and tamper-evident containers provide protection against unauthorized access or manipulation. Temperature and humidity controls are important for certain types of physical evidence but are secondary to CoC documentation for digital evidence. While integrity checks are valuable, they should be conducted in a manner that doesn't alter the original evidence. Making copies for analysis is a good practice but doesn't replace proper storage procedures. Remote cloud storage introduces potential CoC challenges that could compromise admissibility.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Chain of Custody (CoC) in digital evidence?
Open an interactive chat with Bash
Why are access controls important for storing digital evidence?
Open an interactive chat with Bash
What types of physical protection measures are effective for evidence storage?
Open an interactive chat with Bash
ISC2 CISSP
Security Architecture and Engineering
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access