Acme, Inc., has suffered a breach, and the SOC team is preparing forensic data for legal action. Which type of data will be collected for this purpose?
- session data
- transaction data
- full packet capture
- external data
Explanation & Hint:
For the purpose of legal action in response to a breach, full packet capture is a type of data that is often collected. Full packet capture includes the complete network traffic data, capturing all packets transmitted between systems. It is valuable for forensic analysis because it provides a comprehensive record of all network activities, allowing investigators to reconstruct and analyze the details of the breach.