Last Updated on November 16, 2023 by InfraExam
Acme, Inc., has suffered a breach, and the SOC team is preparing forensic data for legal action. Which type of data will be collected for this purpose?
- session data
- transaction data
- full packet capture
- external data
|Explanation & Hint:
For the purpose of legal action in response to a breach, full packet capture is a type of data that is often collected. Full packet capture includes the complete network traffic data, capturing all packets transmitted between systems. It is valuable for forensic analysis because it provides a comprehensive record of all network activities, allowing investigators to reconstruct and analyze the details of the breach.