Multiple Choice
While an employee is on vacation, suspicion arises that the employee has been involved in malicious activity on the network. The security engineer is concerned the investigation may need to continue after the employee returns to work. Given this concern, which of the following should the security engineer recommend to maintain the integrity of the investigation?
A) Create archival copies of all documents and communications related to the employee
B) Create a forensic image of network infrastructure devices
C) Create an image file of the employee's network drives and store it with hashes
D) Install a keylogger to capture the employee's communications and contacts
Correct Answer:
Verified
Correct Answer:
Verified
Q250: A project manager is working with system
Q251: After several industry comnpetitors suffered data loss
Q252: As a result of an acquisition, a
Q253: A security engineer is deploying an IdP
Q254: An organization based in the United States
Q256: A server (10.0.0.2) on the corporate network
Q257: A threat advisory alert was just emailed
Q258: A Chief Information Security Officer (CISO) is
Q259: Following a recent network intrusion, a company
Q260: An organization, which handles large volumes of