During an incident response, you have collected log files as evidence. Which method ensures that the log files have maintained their integrity and have not been altered after collection?
Creating a digital signature for the log files.
Hashing the log files with MD5 before and after handling them.
Using hash functions like MD5 or SHA-256 ensures the integrity of log files. By hashing before and after handling the data, you can detect any changes. Digital signatures also provide similar functionality, but just copying the files and creating backups without using hashes does not guarantee integrity.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is hashing, and why is it important for log files?
Open an interactive chat with Bash
What is MD5 and how does it relate to cybersecurity?