  • Post last modified: June 12, 2024

Sanija works in the forensics group of a CSIRT team. Which two of the following are primary outputs for which she is responsible? (Choose two.)

  • threat assessment report
  • bit-by-bit copy of the compromised system’s hard drive
  • vulnerability assessment report
  • chain-of-custody report
  • SIEM log report

Explanation & Hint:

The two primary outputs for which Sanija, working in the forensics group of a CSIRT team, is responsible are:

  1. Bit-by-bit copy of the compromised system’s hard drive: This is a critical output in digital forensics, where a forensic analyst creates an exact duplicate (forensic image) of the compromised system’s hard drive to preserve the original data for investigation without altering it.
  2. Chain-of-custody report: This report is essential for documenting the handling, custody, and control of digital evidence throughout the forensic investigation process. It ensures the integrity and admissibility of evidence in legal proceedings.

The other options, such as the threat assessment report, vulnerability assessment report, and SIEM log report, are relevant to different aspects of cybersecurity but are not typically primary outputs of the forensics group in a CSIRT team.

For more Questions and Answers:

Security Operations Center Post-Assessment | CBROPS
