- What items are potential sources of network evidence?
A) Switches
B) Routers
C) Firewalls
D) All of the above
- Network diagrams are important in identifying potential areas where network evidence can be acquired.
A) True
B) False
- Which of the following is not a network forensic evidence capture tool?
A) RawCap
B) Wireshark
C) WinPcap
D) LogBeat
- When conducting evidence acquisition, it is not important to record the hash value of the file.
A) True
B) False