CompTIA Security+ (SY0-601) — Question 796

After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

Answer options

• A. The public ledger
• B. The NetFlow data
• C. A checksum
• D. The event log

Correct answer: A

Explanation

The correct answer is A, as the public ledger contains all cryptocurrency transactions and is essential for tracing the flow of funds. The NetFlow data (B) pertains to network traffic rather than specific transactions, while a checksum (C) is used for data integrity verification, not transaction details. The event log (D) records system events but does not provide specific information about cryptocurrency transactions.