Digital Forensics — CompTIA CySA+ (CS0-003) Practice Questions
Digital forensics is the discipline of collecting, preserving, analyzing, and reporting on electronic evidence from computers, mobile devices, network logs, and cloud environments in a manner that maintains its integrity and admissibility. The CySA+ exam covers forensic concepts such as the order of volatility, disk and memory acquisition techniques, file system analysis, and log examination as they apply to incident investigations. Analysts must understand how to document findings in a chain-of-custody manner and how forensic analysis feeds into root cause determination and legal or disciplinary proceedings.
Free questions on digital forensics
During a security incident, the analyst needs to preserve evidence from a compromised server. Which action should be performed FIRST?
Free question · medium · full answer + explanation
More digital forensics questions in the full bank
- What is registry forensics? Unlock answer & explanation →
- How to preserve threat hunting data? Unlock answer & explanation →
- Which of the following is a critical component of chain of custody in digital forensics? Unlock answer & explanation →