New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CFA-001 Exam - Topic 3 Question 82 Discussion

Actual exam question for GAQM's CFA-001 exam
Question #: 82
Topic #: 3
[All CFA-001 Questions]

What is the First Step required in preparing a computer for forensics investigation?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Merlyn at May 02, 2024, 11:25 AM

Limited Time Offer

25%

Off

Get Premium CFA-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Pauline
3 months ago
I agree with A, but I feel like D is also super important!
upvoted 0 times
...
Jina
3 months ago
Wait, are we sure A is the first step? Sounds too obvious.
upvoted 0 times
...
Joesph
3 months ago
C seems important too, but is it really the first step?
upvoted 0 times
...
Shizue
4 months ago
I think B is more critical, securing media is key.
upvoted 0 times
...
Peter
4 months ago
Definitely A, you can't mess with the scene!
upvoted 0 times
...
Haley
4 months ago
I thought identifying the type of data was more about planning the investigation rather than the first step. It feels like it comes later in the process.
upvoted 0 times
...
Thad
4 months ago
I vaguely recall something about suspending automated document destruction policies being crucial. It might be one of the first actions to take, but I can't remember clearly.
upvoted 0 times
...
Luther
4 months ago
I'm not entirely sure, but I feel like securing relevant media might be the first thing we need to do. It seems important to preserve evidence.
upvoted 0 times
...
Glory
5 months ago
I think the first step is definitely to not turn the computer off or on. I remember that being emphasized in our practice scenarios.
upvoted 0 times
...
Eun
5 months ago
Suspend automated document destruction and recycling policies? I didn't even know that was a thing. I'm just going to play it safe and not touch the computer at all.
upvoted 0 times
...
Luis
5 months ago
Okay, I think the key is to not do anything that could potentially alter or destroy the data on the computer. So option A looks like the way to go - don't turn it on, run programs, or try to access the data.
upvoted 0 times
...
Cassie
5 months ago
I'm pretty sure the first step is to not touch the computer at all and just secure any relevant media. That seems like the safest approach to preserve evidence.
upvoted 0 times
...
Jesusita
5 months ago
Hmm, I'm a bit confused. I thought we were supposed to identify the type of data and urgency first before doing anything else. But now I'm not sure.
upvoted 0 times
...
Rory
5 months ago
I think I've got this one. The key is to identify the method that is not a way to determine the sensor version. I'll go through the options and see which one doesn't fit.
upvoted 0 times
...
Carol
5 months ago
I've got this! Entity classes are used to assign risks and controls to the specific entities you're tracking. Options B and C seem to be the most relevant here.
upvoted 0 times
...
Cathrine
9 months ago
Clearly, the correct answer is A. Don't touch anything, or you might end up in the digital doghouse!
upvoted 0 times
Terrilyn
8 months ago
D) Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination
upvoted 0 times
...
Judy
8 months ago
C) Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
upvoted 0 times
...
Lenora
9 months ago
B) Secure any relevant media
upvoted 0 times
...
Royal
9 months ago
A) Do not turn the computer off or on, run any programs, or attempt to access data on a computer
upvoted 0 times
...
...
Jacquline
10 months ago
D sounds like a lot of work. Can't we just turn it off and on again and call it a day?
upvoted 0 times
...
Sunny
10 months ago
Haha, I bet the answer is C. Who doesn't love a good document destruction suspension policy?
upvoted 0 times
Jenifer
8 months ago
C) Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
upvoted 0 times
...
Alline
9 months ago
B) Secure any relevant media
upvoted 0 times
...
Charolette
9 months ago
A) Do not turn the computer off or on, run any programs, or attempt to access data on a computer
upvoted 0 times
...
...
Sueann
10 months ago
I think B is the way to go. Securing the relevant media should be the top priority.
upvoted 0 times
Carey
9 months ago
User 3: It's important to make sure the data is preserved and not tampered with.
upvoted 0 times
...
Sommer
10 months ago
User 2: Definitely, that should be the first step in preparing for a computer forensics investigation.
upvoted 0 times
...
Wenona
10 months ago
User 1: I agree, securing the relevant media is crucial.
upvoted 0 times
...
...
Margret
10 months ago
A is the correct answer. We must preserve the state of the computer as it is to avoid any potential evidence tampering or destruction.
upvoted 0 times
Colette
8 months ago
D) Identify the type of data you are seeking, the Information you are looking for, and the urgency level of the examination
upvoted 0 times
...
Alease
9 months ago
C) Suspend automated document destruction and recycling policies that may pertain to any relevant media or users at Issue
upvoted 0 times
...
Kate
9 months ago
B) Secure any relevant media
upvoted 0 times
...
Ammie
9 months ago
A) Do not turn the computer off or on, run any programs, or attempt to access data on a computer
upvoted 0 times
...
...
Lazaro
10 months ago
I believe identifying the type of data and urgency level is also important (Option D)
upvoted 0 times
...
Jolanda
11 months ago
I agree with Dottie, securing the media is crucial to preserve evidence
upvoted 0 times
...
Dottie
11 months ago
I think the first step is to secure any relevant media (Option B)
upvoted 0 times
...

Save Cancel