Practice Test Question-Evidence Gathering

Practice Test Question-Evidence Gathering

Practice Test Question-Evidence Gathering

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Tom is a forensic analyst conducting a security investigation at his company after the firm experienced a data breach. He is planning to speak with some employees to gather evidence and suspects they may have been complicit in the breach. Which one of the following statements is incorrect about these conversations?

A. Tom may not speak with employees without first advising them of their rights because he suspects they were involved in a security incident
B. Interviews should be friendly and non-aggressive

C. Tom may ask employees difficult questions during the interview

D. Tom should consult Human Resources before speaking with employee who may have been involved in the incident

Correct Answer:A

One of the keys to answering this question is understanding the difference between interviews and interrogations. In an interview, Tom may ask difficult questions, but should do so in a non-confrontational manner. If Tom gets more aggressive, he crosses the line from interview to interrogation. Tom should always consult with Human Resources before involving employees in an investigation, but he does not need to advise employees of their rights because he is not a law enforcement officer. So, that is the correct answer to this question.


Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test!

No Comments

Post A Comment