Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isaca Discussions
exam questions

Exam CISA All Questions

View all questions & answers for the CISA exam
Go to Exam

Exam CISA topic 1 question 1389 discussion

Actual exam question from Isaca's CISA
Question #: 1389
Topic #: 1
[All CISA Questions]

An IS auditor finds a computer that is suspected to have been involved in a cyber crime. Which of the following activities is MOST critical to ensure data collected is admissible in a court of law?

  • A. Notify law enforcement upon detection.
  • B. Track possession of the computer.
  • C. Collect audit logs from the affected computer.
  • D. Power off the computer to ensure data is not changed.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Rachy at Jan. 24, 2024, 11:11 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
blehbleh
3 weeks, 4 days ago
Selected Answer: B
This is B. It has to be used in court eventually. If it has to be used in court you need to have a chain of custody otherwise it can't be used.
upvoted 1 times
...
PurpleParrot
2 months, 1 week ago
Selected Answer: B
Option B: track possession here implies maintain chain of custody
upvoted 1 times
...
a84n
6 months, 1 week ago
Selected Answer: C
Answer C
upvoted 1 times
a84n
6 months, 1 week ago
Q: Which of the following activities is MOST critical to ensure data collected is admissible in a court of law?
upvoted 2 times
...
...
joehong
7 months ago
Selected Answer: B
Track possession of the computer ensure Chain of Custody
upvoted 1 times
...
marc4354345
8 months, 3 weeks ago
Selected Answer: A
Should be A. Suspected crime means law enforcement must be notified. They will run the forensic procedures. Powering down the computer will delete "data in use".
upvoted 1 times
...
Sibsankar
9 months ago
It may be D. Prioritizing the preservation of evidence by powering down the computer immediately ensures the data remains intact and maximizes its admissibility in court. It's important to emphasize the importance of following established forensic procedures and consulting with legal counsel to ensure proper handling and collection of digital evidence.
upvoted 2 times
...
Rachy
9 months, 3 weeks ago
Selected Answer: A
What about A?
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel