Refer to the exhibit. What does this indicate?
File modification during backup leads to checksum mismatch.
Why this answer
The exhibit shows a backup verification failure where the checksum or hash of the source file does not match the backup copy. This typically occurs when the source file is modified during the backup process (e.g., an open file that is being written to), causing the verification algorithm to detect a mismatch. The correct answer is A because the backup software correctly identifies that the source changed, not that the backup medium or file is corrupt.
Exam trap
ISC2 often tests the distinction between backup file corruption and source file modification during backup, trapping candidates who assume any verification failure means the backup is corrupt, when the exhibit's wording or error message explicitly points to a source change.
How to eliminate wrong answers
Option B is wrong because backup medium errors (e.g., bad sectors on tape or disk) would typically manifest as read/write failures or CRC errors during the backup or verification process, not as a checksum mismatch specifically indicating a source file change. Option C is wrong because the verification algorithm (e.g., MD5, SHA-1, or SHA-256) is a standard cryptographic hash function; if it were incorrect, the backup software would fail to compute any valid hash, not produce a mismatch between source and backup. Option D is wrong because a corrupt backup file would usually fail verification with a hash mismatch, but the exhibit explicitly indicates the source file changed during backup, which is a distinct scenario from post-backup corruption.