Back to Incident Response and Forensics

eDiscovery

5 minutes 5 Questions

eDiscovery, short for electronic discovery, is the process of identifying, collecting, and producing electronically stored information (ESI) as evidence in legal matters. The ESI can include emails, documents, chat logs, databases, and more. eDiscovery often intersects with digital forensics as it …

Test mode:
Start practice test
CompTIA Security+ - eDiscovery Example Questions

Test your knowledge of eDiscovery

Question 1

A company is conducting an eDiscovery process for a pending lawsuit. They need to ensure any sensitive data related to the lawsuit is preserved. Which process should the company focus on during the eDiscovery process?

Correct Answer: Data preservation

In a legal eDiscovery process, data preservation is crucial to ensure relevant evidence is protected and available for review. While the other options might be part of data management, they do not focus on maintaining and securing the sensitive information needed for litigation.

Question 2

A company is preparing for a legal case and is looking for evidence regarding a deleted email. They are unable to find a copy in the primary system. Where should they search next?

Correct Answer: Backup storage

Backup storage is where organizations store copies of their most critical data, including email. It is the most likely location where the company will find the deleted email. The other options have minimal chances of containing the email or may not store it at all.

Question 3

A company believes one of its employees is leaking sensitive business information to a competitor. They need to identify all communication data related to this employee. What type of evidence should they focus on collecting?

Correct Answer: Transitory data

Transitory data refers to temporary information such as emails, instant messages, and other communications used by an individual. It is crucial to collect this data to identify any leaks or unauthorized sharing of sensitive information. The other options do not specifically focus on communication-related evidence.

More eDiscovery questions
13 questions (total)
Start 13 question test