Your forensics has offered the initial response explaining the meaning behind the cyber-terrorism case and the several kinds of the evidence associated. In preliminary investigative discussion your POC for the cyber-terrorism case would like for your team to disclose in your Forensics Plan explain how you will approach incident review, to involve the identification of any collection requirements for attaining and authenticating the evidence. To ensure your team is operating legally in investigation the POC has requested also in Forensics Plan how your team will approach any legal restrictions and determination of the intent and scope. You will offer the POC additionally as a matter of procedure the known facts of incident and what are the procedures were utilized during the initial case reviews.
Describe how will you approach incident review, to involve the identification of any collection requirements for attaining and authenticating the evidence?