During the incident response process, the cybersecurity analyst needs to document the specifics of an incident. Which among the following choices represents the purpose of including the 'where' component in an incident response report?
To establish when the incident took place
To specify the physical or logical location of the incident
To determine who is responsible for the incident
To hypothesize the motive behind the incident