CompTIA CySA+ (CS0-001) — Question 238

A computer at a company was used to commit a crime. The system was seized and removed for further analysis. Which of the following is the purpose of labeling cables and connections when seizing the computer system?

Answer options

• A. To capture the system configuration as it was at the time it was removed
• B. To maintain the chain of custody
• C. To block any communication with the computer system from attack
• D. To document the model, manufacturer, and type of cables connected

Correct answer: A

Explanation

The correct answer is A because labeling cables and connections helps recreate the exact system configuration at the time of seizure, which is crucial for forensic analysis. Option B, while important for legal processes, does not directly relate to the purpose of labeling in this context. Option C is not applicable as the focus is on documentation rather than preventing communication, and option D, although relevant for other purposes, does not capture the primary goal of maintaining the system's configuration.