Evaluation should include
- examining data before, during, and after the test
- identifying anomalies in the data collected
- explaining the chain of custody for the physical material and the data
- identifying the value of the data to an intruder
- identifying at what point the data is at risk during the testing.
Process/Skill Questions:
- What are the risks?
- What are the vulnerabilities?
- What are the assets affected?
- How would an animal, plant, soil, and/or mechanical test reveal a cyber intrusion?