ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 386 discussion

Actual exam question from CompTIA's SY0-601
Question #: 386
Topic #: 1
[All SY0-601 Questions]

An incident response technician collected a mobile device during an investigation. Which of the following should the technician do to maintain chain of custody?

  • A. Document the collection and require a sign-off when possession changes.
  • B. Lock the device in a safe or other secure location to prevent theft or alteration.
  • C. Place the device in a Faraday cage to prevent corruption of the data.
  • D. Record the collection in a blockchain-protected public ledger.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Jibz18 at Feb. 11, 2023, 5:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
T4IT
Highly Voted 2 years, 1 month ago
Selected Answer: A
possession changes = chain of custody
upvoted 6 times
...
ApplebeesWaiter1122
Most Recent 1 year, 10 months ago
Selected Answer: A
Maintaining proper documentation of the collection and ensuring that there is a clear chain of custody is essential for preserving the integrity and admissibility of evidence. The technician should document details such as the date, time, location, and individuals involved in the collection process. Each time the possession of the device changes hands, it should be properly recorded and acknowledged by the parties involved. This helps establish a clear trail of custody, ensuring that the device's integrity is maintained and that the evidence collected is reliable.
upvoted 3 times
...
SophyQueenCR82
2 years ago
A. Document the collection and require a sign-off when possession changes is the correct option to maintain chain of custody when collecting a mobile device during an investigation. It is important to document the collection process, including who collected the device, when and where it was collected, and any other relevant details. It is also necessary to require a sign-off when possession changes, to ensure accountability and track the device's movement. This helps maintain the integrity of the evidence and ensures that it can be used in legal proceedings. The other options do not address chain of custody properly, as they either focus on physical security (B and C) or use a technology that may not be appropriate for the situation (D).
upvoted 3 times
...
i_luv_stoneface
2 years, 2 months ago
Selected Answer: A
A = answer
upvoted 3 times
...
Jibz18
2 years, 2 months ago
Selected Answer: A
Going for A here.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago