Are you preparing for the Security+ exam? If so, make sure you understand some basics related to forensics.
See if you can you answer this sample practice test question.
Q. After a recent incident, a forensic analyst was given several hard drives to analyze. What should the analyst do first?
A. Take screenshots and capture system images.
B. Take hashes and screenshots.
C. Take hashes and capture system images.
D. Perform antivirus scans and create chain-of-custody documents.
Check out the answer and full explanation here.