The analyst’s first consideration when performing an investigation with the potential for legal action is authorization to collect. Authorization to collect is the process of obtaining the necessary permissions and approvals to collect the evidence from the relevant sources, such as the owners, custodians, or authorities. Authorization to collect is essential to ensure the legality, validity, and admissibility of the evidence, as well as to protect the rights and privacy of the parties involved. Authorization to collect can also prevent any legal or ethical issues that may arise from unauthorized or improper collection of evidence. The other options are not the first considerations when performing an investigation with the potential for legal action, as they either come after the collection of evidence, or do not relate to the legal aspect. References: CISSP - Certified Information Systems Security Professional, Domain 7. Security Operations, 7.3 Conduct or support investigations, 7.3.1 Collect evidence, 7.3.1.1 Authorization to collect; CISSP Exam Outline, Domain 7. Security Operations, 7.3 Conduct or support investigations, 7.3.1 Collect evidence, 7.3.1.1 Authorization to collect
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit