Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

In which stage of first response does the forensic staff maintain a strict chain of custody?

  1. Collecting incident information

  2. Documenting the electronic crime scene

  3. Transporting electronic evidence

  4. Identifying electronic evidence

The correct answer is: Transporting electronic evidence

Maintaining a strict chain of custody is critical during the transportation of electronic evidence. The chain of custody refers to the process of maintaining and documenting the handling of evidence from the point of collection until it is presented in court. This ensures that the evidence remains untampered and credible. During transportation, any mishandling or lack of proper documentation can compromise the integrity of the evidence, which could ultimately affect its admissibility in legal proceedings. It is essential to keep detailed records of every individual who handles the evidence, the time and date it was transferred, and the conditions under which it was transported. This meticulous documentation supports the evidence's authenticity and can be crucial in legal scenarios. While other stages, such as collecting incident information, documenting the electronic crime scene, and identifying electronic evidence, are vital for the overall incident response, they do not involve the same level of risk and necessity for a strictly controlled chain of custody as transporting evidence does. The transportation stage is where the potential for disputes over authenticity can arise, making the chain of custody particularly imperative at this point.

More Questions Like This