Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

BCS CISMP-V9 Exam - Topic 1 Question 69 Discussion

Actual exam question for BCS's CISMP-V9 exam
Question #: 69
Topic #: 1
[All CISMP-V9 Questions]

When handling and investigating digital evidence to be used in a criminal cybercrime investigation, which of the following principles is considered BEST practice?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Maile at Mar 08, 2024, 02:19 AM

Limited Time Offer

25%

Off

Get Premium CISMP-V9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rebeca
4 months ago
A is the gold standard for sure!
upvoted 0 times
...
Alberta
4 months ago
Wait, are we really saying D is necessary? Sounds extreme!
upvoted 0 times
...
Denna
4 months ago
C is too restrictive, anyone can handle evidence with training.
upvoted 0 times
...
Jeanice
4 months ago
I disagree, B makes more sense for integrity.
upvoted 0 times
...
Alesia
5 months ago
A is definitely the best practice!
upvoted 0 times
...
Micaela
5 months ago
The concept of having forensically 'clean' devices before investigation seems important, but I wonder if that's always practical in real-world situations.
upvoted 0 times
...
Loreen
5 months ago
I vaguely recall a practice question about who can handle digital evidence, and I think it was emphasized that it doesn't have to be just law enforcement.
upvoted 0 times
...
Lavera
5 months ago
I'm not entirely sure, but I feel like the idea that digital devices must be turned off before acquiring evidence might be too strict. We discussed some scenarios where that isn't feasible.
upvoted 0 times
...
Jonelle
5 months ago
I think the best practice is that digital evidence must not be altered unless absolutely necessary. I remember that from our lectures on evidence handling.
upvoted 0 times
...
Fatima
5 months ago
This question seems straightforward, but I want to make sure I understand the nuances. I believe the best practice is to avoid altering digital evidence unless it's absolutely necessary, but I'm not 100% certain. I'll make sure to double-check my understanding before answering.
upvoted 0 times
...
Lennie
5 months ago
Okay, let's see. I know that digital evidence needs to be handled very carefully to maintain its admissibility in court. I think the best approach is to avoid altering the evidence if possible, but I'm not sure if that's the only acceptable practice. I'll have to review my notes on this topic.
upvoted 0 times
...
Corrina
5 months ago
Hmm, I'm a bit unsure about this one. I think the key is to preserve the integrity of the digital evidence, but I'm not sure if that means the evidence can't be altered at all or just that any alterations need to be documented. I'll have to think this through carefully.
upvoted 0 times
...
Sena
5 months ago
This is a straightforward question about best practices for handling digital evidence in a cybercrime investigation. I'm pretty confident that the correct answer is A - digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
Kirk
6 months ago
Ah, I remember learning about this in class. The system database contains the help topics, plugins, and information about table structures, so I'll select those.
upvoted 0 times
...
Roxanne
6 months ago
This is a lot of material to cover, but I think if I break it down step-by-step, I can work through the calculations and analysis required to answer the question.
upvoted 0 times
...
Gladys
6 months ago
I'm pretty sure the principal function of the Hypervisor is to schedule the sharing of resources, so I'll go with option C.
upvoted 0 times
...
Mariko
6 months ago
I remember a practice question on OSPF that mentioned something similar to option C, but I have a vague feeling that was about loop prevention in a broader context.
upvoted 0 times
...
Annett
6 months ago
I'm a bit confused on the differences between some of these principles. Service Agility and Service Autonomy both seem relevant, but I'll have to re-read the material to be sure.
upvoted 0 times
...
Quinn
10 months ago
Option A is the way to go. Can't have the 'CSI' team messing with the digital evidence, right? That's a recipe for disaster!
upvoted 0 times
...
Gracia
10 months ago
Option D about 'forensically clean' devices is a bit overkill. As long as the evidence is properly handled and documented, that should be sufficient.
upvoted 0 times
Scot
8 months ago
I agree, proper handling and documentation are key in cybercrime investigations.
upvoted 0 times
...
Silvana
9 months ago
C) Digital evidence can only be handled by a member of law enforcement.
upvoted 0 times
...
Cristen
9 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
Anglea
9 months ago
Option D is important to ensure the integrity of the evidence.
upvoted 0 times
...
Heike
9 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Virgie
9 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Tammi
10 months ago
While law enforcement should be involved, I don't think digital evidence can only be handled by them. Trained forensic experts can also handle it properly.
upvoted 0 times
Celestine
9 months ago
Trained forensic experts can also handle digital evidence properly.
upvoted 0 times
...
Aleta
10 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Diane
10 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Bette
11 months ago
Option B doesn't seem right. Digital devices can be imaged and analyzed while still powered on, as long as proper precautions are taken.
upvoted 0 times
Fidelia
9 months ago
Option B doesn't seem right. Digital devices can be imaged and analyzed while still powered on, as long as proper precautions are taken.
upvoted 0 times
...
Gracie
10 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Jacklyn
10 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Whitney
11 months ago
I think option A is the best practice. Maintaining the integrity of digital evidence is crucial in a criminal investigation.
upvoted 0 times
Makeda
10 months ago
True, both options A and D are crucial for a successful cybercrime investigation.
upvoted 0 times
...
Yolando
10 months ago
I think option D is also important, ensuring that the digital devices are clean before investigation can prevent contamination.
upvoted 0 times
...
Evan
10 months ago
It's important to follow best practices to avoid any issues with the evidence later on.
upvoted 0 times
...
Carma
10 months ago
I agree, option A ensures that the digital evidence remains intact and unaltered.
upvoted 0 times
...
...
Lenna
11 months ago
I think option D is also important, digital devices must be forensically 'clean' before investigation to ensure accurate results.
upvoted 0 times
...
Ilene
12 months ago
I agree with Gilberto, altering digital evidence can compromise the integrity of the investigation.
upvoted 0 times
...
Gilberto
12 months ago
I think the best practice is option A, digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...

Save Cancel