When acquiring evidence, what can you use to validate that data and applications were not modified after analysis?
- Network and traffic logs
- Hashes or checksums of data
- Time offset data
Explanation: Hashes or checksums of all data and applications before and after any analysis, to validate that they were not modified.
Exam with this question: Cybersecurity Essentials Module 6 Quiz Answers