Which term refers to the records that show when, where, and by whom evidence was collected?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Boost your cybersecurity skills with our NOCTI Cybersecurity Standard Certification Quiz. Explore detailed questions and explanations to enhance your preparation and succeed on your certification exam!

Multiple Choice

Which term refers to the records that show when, where, and by whom evidence was collected?

Explanation:
The main idea here is preserving the documented path of evidence: who handled it, when it was collected, and where it has been kept. This is known as the chain of custody. Keeping a clear chain of custody ensures the evidence remains authentic and untampered from the moment it is collected to when it is presented or analyzed. A proper chain-of-custody record will note the item’s description and unique identifier, the exact dates and times of collection and transfers, locations, and the names or initials of every person who handled the item, plus any changes in storage conditions or handling procedures. When these records are thorough, they support the integrity and admissibility of the evidence in investigations and potential legal proceedings. An audit trail, by contrast, tracks activities within a system—such as user actions or system events—rather than the custody and handling of evidence itself. An evidence log is typically a simpler list of items with basic details but may not capture the complete transfer history or each individual who touched the evidence. A logbook is a general-purpose record book and isn’t specifically designed to document the formal custody chain of evidence.

The main idea here is preserving the documented path of evidence: who handled it, when it was collected, and where it has been kept. This is known as the chain of custody. Keeping a clear chain of custody ensures the evidence remains authentic and untampered from the moment it is collected to when it is presented or analyzed. A proper chain-of-custody record will note the item’s description and unique identifier, the exact dates and times of collection and transfers, locations, and the names or initials of every person who handled the item, plus any changes in storage conditions or handling procedures. When these records are thorough, they support the integrity and admissibility of the evidence in investigations and potential legal proceedings.

An audit trail, by contrast, tracks activities within a system—such as user actions or system events—rather than the custody and handling of evidence itself. An evidence log is typically a simpler list of items with basic details but may not capture the complete transfer history or each individual who touched the evidence. A logbook is a general-purpose record book and isn’t specifically designed to document the formal custody chain of evidence.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy