CompTIA Security Exam Practice Questions Sample SY0 501 Q444

A security analyst is acquiring data from a potential network incident.
Which of the following evidence is the analyst MOST likely to obtain to determine the incident?

A. Volatile memory capture
B. Traffic and logs
C. Screenshots
D. System image capture


Correct Answer: B