Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

bundle

50%

Enter your email address to receive your 50% off dicount code:

A confirmation link will be sent to this email address to verify your login.

* We value your privacy. We will not rent or sell your email address.

SPECIAL OFFER: GET 50% OFF

bundle

50%

Use Discount Code:

BRIEF50

A confirmation link was sent to your e-mail.

Please check your mailbox for a message from support@prepaway.com and follow the directions.

ISC Exam Questions

Free ISC2 Study Guide

Skip to top navigation

eMail
Facebook
Twitter

Skip to main navigation

Log in

Skip to content

Menu

Home
Community
- Support & Feedback
- Discussion
Support
Change Logs
Register
Login

Search for:

You are here: Home > ISC Exam Questions > ISSMP > Which of the following needs to be documented to preserve evidences for presentation in court?

Post navigation

← Previous question

Next question →

PrepAway - Latest Free Exam Questions & Answers

Which of the following needs to be documented to preserve evidences for presentation in court?

seenagapeJuly 6, 2016

Which of the following needs to be documented to preserve evidences for presentation in court?

PrepAway - Latest Free Exam Questions & Answers

A.
Separation of duties

B.
Account lockout policy

C.
Incident response policy

D.
Chain of custody

Explanation:
A chain of custody should be documented to preserve evidences for presentation in court.
A chain of custody is a documentation that shows who has collected and accessed each piece of
evidence. The documentation must be meticulously prepared including the minutest details (such as
the date, time, location, and the verified identity of every person handling the evidence) so that the
documentation is verifiable. It includes the time of accessing the evidence and the valid reason for
doing so. A chain of custody must be maintained for all evidences in order to maintain the validity of
the evidences.
Answer option A is incorrect. Separation of duties is the concept and a part of an organization’s
policy of having more than one person required to complete a task. It implements an appropriate
level of checks and balances upon the activities of individuals. With the concept of SoD, business
critical duties can be categorized into four types of functions: authorization, custody, record keeping,
and reconciliation. In a perfect system, no person should handle more than one type of function.
Separation of duties helps reduce the potential damage from the actions of one person. As an
organization’s policy it also helps to prevent collusion.
Answer option C is incorrect. Incident response policy is a document that defines an incident and
helps people to respond appropriately to that incident. It provides information about people who
are responsible for handling security incidents and how they can be contacted. The incident
response policy also provides instructions to deal with documenting and disseminating incidentrelated information.
Answer option B is incorrect. Account Lockout policy locks out a user after a specified number of
failed logon attempts. It prevents potential intruders from repeatedly trying different passwords to
guess the correct password for accessing a user account.
The following are policies under Account Lockout:
1.Account Lockout duration
2.Account Lockout threshold
3.Reset Account Lockout counter after
“http://en.wikipedia.org/wiki/Chain_of_custody”

In ISSMPExam ISSMP

Post navigation

← Previous question

Next question →

Leave a Reply Cancel reply

You must be logged in to post a comment.

Hide Sidebar

Related questions

Recent comments

Move Up

Home
About
Community
Privacy
TOS

The ISC Exam Questions are not in real test, just for reference.