CompTIA CySA+ (CS0-003) — Question 104

A security analyst needs to secure digital evidence related to an incident. The security analyst must ensure that the accuracy of the data cannot be repudiated. Which of the following should be implemented?

Answer options

• A. Offline storage
• B. Evidence collection
• C. Integrity validation
• D. Legal hold

Correct answer: C

Explanation

The correct answer is C, Integrity validation, as it ensures that the data remains unchanged and can be verified for accuracy, preventing any dispute over its authenticity. Options A and B do not directly address the requirement for data accuracy verification, while D, Legal hold, pertains to the preservation of evidence for legal proceedings but does not guarantee integrity.