A laptop is recovered a few days after it was stolen. Which of the following should be verified during incident response activities to determine the possible impact of the incident?
A. Full disk encryption status
B. TPM PCR values
C. File system integrity
D. Presence of UEFI vulnerabilities
Correct Answer: D