Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

BCS CISMP-V9 Exam - Topic 1 Question 69 Discussion

Actual exam question for BCS's CISMP-V9 exam
Question #: 69
Topic #: 1
[All CISMP-V9 Questions]

When handling and investigating digital evidence to be used in a criminal cybercrime investigation, which of the following principles is considered BEST practice?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Maile at Mar 08, 2024, 02:19 AM

Limited Time Offer

25%

Off

Get Premium CISMP-V9 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rebeca
6 months ago
A is the gold standard for sure!
upvoted 0 times
...
Alberta
6 months ago
Wait, are we really saying D is necessary? Sounds extreme!
upvoted 0 times
...
Denna
6 months ago
C is too restrictive, anyone can handle evidence with training.
upvoted 0 times
...
Jeanice
7 months ago
I disagree, B makes more sense for integrity.
upvoted 0 times
...
Alesia
7 months ago
A is definitely the best practice!
upvoted 0 times
...
Micaela
7 months ago
The concept of having forensically 'clean' devices before investigation seems important, but I wonder if that's always practical in real-world situations.
upvoted 0 times
...
Loreen
7 months ago
I vaguely recall a practice question about who can handle digital evidence, and I think it was emphasized that it doesn't have to be just law enforcement.
upvoted 0 times
...
Lavera
7 months ago
I'm not entirely sure, but I feel like the idea that digital devices must be turned off before acquiring evidence might be too strict. We discussed some scenarios where that isn't feasible.
upvoted 0 times
...
Jonelle
8 months ago
I think the best practice is that digital evidence must not be altered unless absolutely necessary. I remember that from our lectures on evidence handling.
upvoted 0 times
...
Fatima
8 months ago
This question seems straightforward, but I want to make sure I understand the nuances. I believe the best practice is to avoid altering digital evidence unless it's absolutely necessary, but I'm not 100% certain. I'll make sure to double-check my understanding before answering.
upvoted 0 times
...
Lennie
8 months ago
Okay, let's see. I know that digital evidence needs to be handled very carefully to maintain its admissibility in court. I think the best approach is to avoid altering the evidence if possible, but I'm not sure if that's the only acceptable practice. I'll have to review my notes on this topic.
upvoted 0 times
...
Corrina
8 months ago
Hmm, I'm a bit unsure about this one. I think the key is to preserve the integrity of the digital evidence, but I'm not sure if that means the evidence can't be altered at all or just that any alterations need to be documented. I'll have to think this through carefully.
upvoted 0 times
...
Sena
8 months ago
This is a straightforward question about best practices for handling digital evidence in a cybercrime investigation. I'm pretty confident that the correct answer is A - digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
Kirk
8 months ago
Ah, I remember learning about this in class. The system database contains the help topics, plugins, and information about table structures, so I'll select those.
upvoted 0 times
...
Roxanne
8 months ago
This is a lot of material to cover, but I think if I break it down step-by-step, I can work through the calculations and analysis required to answer the question.
upvoted 0 times
...
Gladys
8 months ago
I'm pretty sure the principal function of the Hypervisor is to schedule the sharing of resources, so I'll go with option C.
upvoted 0 times
...
Mariko
8 months ago
I remember a practice question on OSPF that mentioned something similar to option C, but I have a vague feeling that was about loop prevention in a broader context.
upvoted 0 times
...
Annett
8 months ago
I'm a bit confused on the differences between some of these principles. Service Agility and Service Autonomy both seem relevant, but I'll have to re-read the material to be sure.
upvoted 0 times
...
Quinn
1 year ago
Option A is the way to go. Can't have the 'CSI' team messing with the digital evidence, right? That's a recipe for disaster!
upvoted 0 times
...
Gracia
1 year ago
Option D about 'forensically clean' devices is a bit overkill. As long as the evidence is properly handled and documented, that should be sufficient.
upvoted 0 times
Scot
11 months ago
I agree, proper handling and documentation are key in cybercrime investigations.
upvoted 0 times
...
Silvana
11 months ago
C) Digital evidence can only be handled by a member of law enforcement.
upvoted 0 times
...
Cristen
11 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
Anglea
11 months ago
Option D is important to ensure the integrity of the evidence.
upvoted 0 times
...
Heike
11 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Virgie
11 months ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Tammi
1 year ago
While law enforcement should be involved, I don't think digital evidence can only be handled by them. Trained forensic experts can also handle it properly.
upvoted 0 times
Celestine
12 months ago
Trained forensic experts can also handle digital evidence properly.
upvoted 0 times
...
Aleta
12 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Diane
1 year ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Bette
1 year ago
Option B doesn't seem right. Digital devices can be imaged and analyzed while still powered on, as long as proper precautions are taken.
upvoted 0 times
Fidelia
12 months ago
Option B doesn't seem right. Digital devices can be imaged and analyzed while still powered on, as long as proper precautions are taken.
upvoted 0 times
...
Gracie
12 months ago
B) Acquiring digital evidence can only be carried on digital devices which have been turned off.
upvoted 0 times
...
Jacklyn
1 year ago
A) Digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...
...
Whitney
1 year ago
I think option A is the best practice. Maintaining the integrity of digital evidence is crucial in a criminal investigation.
upvoted 0 times
Makeda
1 year ago
True, both options A and D are crucial for a successful cybercrime investigation.
upvoted 0 times
...
Yolando
1 year ago
I think option D is also important, ensuring that the digital devices are clean before investigation can prevent contamination.
upvoted 0 times
...
Evan
1 year ago
It's important to follow best practices to avoid any issues with the evidence later on.
upvoted 0 times
...
Carma
1 year ago
I agree, option A ensures that the digital evidence remains intact and unaltered.
upvoted 0 times
...
...
Lenna
1 year ago
I think option D is also important, digital devices must be forensically 'clean' before investigation to ensure accurate results.
upvoted 0 times
...
Ilene
1 year ago
I agree with Gilberto, altering digital evidence can compromise the integrity of the investigation.
upvoted 0 times
...
Gilberto
1 year ago
I think the best practice is option A, digital evidence must not be altered unless absolutely necessary.
upvoted 0 times
...

Save Cancel