While an employee is on vacation, suspicion arises that the employee has been involved in malicious activity on the network. The security engineer is concerned the investigation may need to continue after the employee returns to work. Given this concern, which of the following should the security engineer recommend to maintain the integrity of the investigation?
A) Create archival copies of all documents and communications related to the employee
B) Create a forensic image of network infrastructure devices
C) Create an image file of the employee's network drives and store it with hashes
D) Install a keylogger to capture the employee's communications and contacts

Question

Quizplus · Accepted Answer

The Answer of While an employee is on vacation, suspicion arises that the employee has been involved in malicious activity on the network. The security engineer is concerned the investigation may need to continue after the employee returns to work. Given this concern, which of the following should the security engineer recommend to maintain the integrity of the investigation?
A) Create archival copies of all documents and communications related to the employee
B) Create a forensic image of network infrastructure devices
C) Create an image file of the employee's network drives and store it with hashes
D) Install a keylogger to capture the employee's communications and contacts

While an Employee Is on Vacation, Suspicion Arises That the Employee