What is the appropriate method to store and transfer digital evidence (logs, emails) related to an incident?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Corrections Communication Test with our comprehensive study tools. Boost your understanding with multiple choice questions and detailed explanations. Master communication skills for a successful exam performance!

Multiple Choice

What is the appropriate method to store and transfer digital evidence (logs, emails) related to an incident?

Explanation:
Maintaining the integrity and traceability of digital evidence through chain-of-custody and controlled storage is the core idea. The best approach requires following chain-of-custody procedures, preserving the original data in its unchanged form, and logging every transfer or access. Stored in approved, access-controlled repositories, this creates a verifiable audit trail showing who handled the data, when, and under what conditions. It often involves capturing a cryptographic hash of files at collection, documenting each step of custody, and restricting access to authorized personnel. This combination protects against tampering, loss, or unauthorized exposure and helps ensure the evidence remains admissible and credible. Copying data freely to personal drives introduces risk of alteration and makes it impossible to prove provenance. Deleting the original data after transfer removes the ability to verify authenticity. Storing data in a public cloud without logs eliminates the necessary audit trail and controls.

Maintaining the integrity and traceability of digital evidence through chain-of-custody and controlled storage is the core idea. The best approach requires following chain-of-custody procedures, preserving the original data in its unchanged form, and logging every transfer or access. Stored in approved, access-controlled repositories, this creates a verifiable audit trail showing who handled the data, when, and under what conditions. It often involves capturing a cryptographic hash of files at collection, documenting each step of custody, and restricting access to authorized personnel. This combination protects against tampering, loss, or unauthorized exposure and helps ensure the evidence remains admissible and credible.

Copying data freely to personal drives introduces risk of alteration and makes it impossible to prove provenance. Deleting the original data after transfer removes the ability to verify authenticity. Storing data in a public cloud without logs eliminates the necessary audit trail and controls.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy