Compare and contrast three types of evidenceImplementing Cisco Cybersecurity Operations (210-255)
Traditionally this term refers to evidence that can be presented in court in its original form. With cybersecurity, most courts will also accept a digital copy if proper procedures are followed.
Evidence that supports a theory or assumption deduced from initial evidence.
Indirect or Circumstantial Evidence
Evidence that requires extrapolation to support a conclusion of fact. Examples include fingerprints and DNA. Forensic information presented by cybersecurity professionals is often considered indirect.