An offline audit log contains the source IP address of a session suspected to have exploited a vulnerability resulting in system compromise.
Which kind of evidence is this IP address?
A. best evidence
B. corroborative evidence
C. indirect evidence
D. forensic evidence