Evidence Collection for Inferring Malicious Activity/Person | CAP Exam Study Guide

Evidence Collection for Inferring Malicious Activity/Person

Question

Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

A.

The collection of facts that, when considered together, can be used to infer a conclusion about malicious activity or a person is known as evidence. In a security assessment and authorization context, it's essential to understand the different types of evidence that may be encountered, as well as how to use and evaluate them effectively. The four types of evidence listed in the question are:

A. Circumstantial Evidence: Circumstantial evidence refers to indirect evidence that implies something without directly proving it. It is based on inference and can be used to create a hypothesis, but it does not offer conclusive proof. Circumstantial evidence can be used to build a case and provide context to other evidence, but it is not enough on its own to prove malicious activity or intent.

B. Incontrovertible Evidence: Incontrovertible evidence is evidence that is undeniable and cannot be disputed. It is concrete, factual, and often supported by physical or digital evidence, such as video footage or a digital trail. Incontrovertible evidence is often the most compelling type of evidence in a security assessment and authorization context, as it provides definitive proof of malicious activity or intent.

C. Direct Evidence: Direct evidence is evidence that directly proves something, without inference or interpretation. It includes eyewitness testimony, confessions, and other first-hand accounts. Direct evidence is also compelling, but it is often difficult to obtain in a security context.

D. Corroborating Evidence: Corroborating evidence is evidence that supports or confirms other evidence. It can be circumstantial or direct, and it can be used to strengthen a case by providing additional context or supporting details. Corroborating evidence can help create a more complete picture of malicious activity or intent.

In summary, when evaluating evidence in a security assessment and authorization context, it's important to understand the different types of evidence available, their strengths and limitations, and how they can be used together to build a compelling case. Circumstantial evidence can provide context but is not enough on its own, while direct and incontrovertible evidence are the most compelling types of evidence. Corroborating evidence can support and strengthen other evidence, making the case more convincing.