We are starting to use Process Monitor to monitor apps being installed. There is a lot of data. We look for "http
:" for remote web location, but we also know that it can use IPs or anything else we as regular users may not know. What should we look for to know if an apps is sending to other locations, websites, IPs or drive locations.