A security team received a regulatory notice asking for information regarding collusion and pricing from staff members who are no longer with the organization.
The legal department -
provided the security team with a list of search terms to investigate.
This is an example of:
The scenario described involves the legal department asking the security team to investigate specific information using search terms, which entails identifying, collecting, and analyzing electronically stored information (ESI). This process aligns closely with e-discovery, which is specifically used to gather digital evidence in response to legal requests. Due diligence refers to the comprehensive appraisal of an organization to establish its assets and liabilities, while due care involves acting reasonably to prevent harm. Legal hold is the preservation of data to prevent its deletion or alteration in anticipation of litigation, but does not directly involve the investigative search process described.
e-Discovery describes the electronic component of identifying, collecting, and providing the electronically stored information (ESI) identified by a legal hold. The scope of information included in e-Discovery can be vast and include everything from files, emails, logs, text messages, voicemail, databases, and social media activity. The scope of information requested in an e-Discovery request can be difficult for many organizations to comply with. For organizations that are involved in regular legal activities, generally large organizations and government, specific strategies are often employed to defend against e-Discovery requests. Defenses often include well-crafted data retention policies that define stringent periods for which data can be retained. However, data retention polices cannot conflict with existing laws that dictate retention periods. From the CASP+ official comptia study guide
Easily option B. E-discovery is a form of digital investigation that attempts to find evidence in email, business communications and other data that could be used in litigation or criminal proceedings. The traditional discovery process is standard during litigation, but e-discovery is specific to digital evidence. The evidence from electronic discovery could include data from email accounts, instant messages, social profiles, online documents, databases, internal applications, digital images, website content and any other electronic information that could be used during civil and criminal litigation. The security team can only provide those info (digital or electronic) to the legal dept requesting it. Maybe they are also the custodian of the environment.
Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
ChatGPT-4 answer B. e-discovery. This is an example of electronic discovery (e-discovery), which refers to the process of identifying, collecting, and producing electronically stored information (ESI) in response to a legal or regulatory request. In this case, the legal department has provided the security team with a list of search terms to investigate, indicating that they are trying to gather relevant data and information related to the collusion and pricing allegations. E-discovery is often a crucial part of litigation, regulatory compliance, and internal investigations.
E-discovery, also known as electronic discovery or digital discovery, is the process of identifying, collecting, and producing electronically stored information (ESI) in response to a legal request or notice. In this case, the security team has received a regulatory notice asking for information regarding collusion and pricing from former staff members, and the legal department has provided them with a list of search terms to use in their investigation. This is an example of e-discovery, as the security team is using search terms to identify and collect ESI that is relevant to the regulatory request.
Read the question: this one is tricky the question is asking for the last part of the question.
I believe the answer is D because of the keyword "notice". a legal hold describes a notice received by an organization's legal team
It's a notice 'for information'. It then lists the following information to retrieve. A 'hold' would be to prevent any information from being deleted.
You receive a regulatory notice to perform investigation on somebody based on a list of search terms. What is that process called? e-discovery. Answer is B
due diligence A legal principal that a subject has used best practice or reasonable care when setting up, configuring, and maintaining a system. e-discovery Procedures and tools to collect, preserve, and analyze digital evidence.
answer is D.. i came back here to correct my mistake. Preserve all relevant information. e-Discovery is the tool to perform the task like MS Purview or MS e-Discovery does for EXO.
e-Discovery is the process of collecting and reviewing electronically stored data for use in legal proceedings. In this case, the security team is using the list of search terms provided by the legal department to investigate the potential for collusion and pricing. This is an example of e-discovery. answer is B
The process described in the scenario, where the security team is asked to search for specific terms related to collusion and pricing from former staff members, is an example of e-discovery
e-Discovery refers to the process of identifying, collecting, and producing electronically stored information (ESI) in response to a request for production in a lawsuit or investigation. Legal hold is the act of preserving data to prevent deletion or alteration, it defines by the industry legal and the local regulatory. While it is a part of the overall e-Discovery process, but the question asks for searching and finding information within the current data store, not asking for how and how long the data is keeping.
A legal hold, or litigation hold, describes the notification received by an organization's legal team instructing them to preserve electronically stored information (ESI) and/or paper documents that may be relevant to a pending legal case. Legal hold authority can be complicated by jurisdiction, but these details are managed by legal teams. It is imperative that the cybersecurity team be notified of legal holds as soon as possible in order to ensure data is preserved in accordance with the order. Legal hold requirements often exceed the data protection and retention periods ordinarily in place. Forgot to post but from same source
legal hold A process designed to preserve all relevant information when litigation is reasonably expected to occur.
This is an example of due diligence. From the Official Cert-Guide - Due diligence is all about gathering information. Organizations must institute the appropriate procedures to determine any risks to organizational assets. Due diligence provides the information necessary to ensure that the organization practices due care. Without due diligence, due care cannot occur. Due care is all about action. Organizations must institute the appropriate protections and procedures for all organizational assets, especially intellectual property.
I was wrong is legal hold
e-Discovery describes the electronic component of identifying, collecting, and providing the electronically stored information (ESI) identified by a legal hold. So the answer should be legal hold