What is the best plugin to get the parameters given to an executable launched by command line ?

To crack a password hash, I can use a symbols table ?

The EPROCESS list is a doubly linked list giving for each process the next and previous one ?

C:\System32\svchost.exe running on a computer seems legit ?

The Traffic Light Protocol helps define the level of confidentiality of a document so the recipients know how they can share it ?

If the computer you have to examinate has been shutdown, what is your best way to analyze volatile data ?

svcscan plugin helps us identifying persistance mecanisms ?

Cyberchef allows you to decode Base 64 or other encoded messages and helps you deobfuscate texts

Dumping a process allows me to calculate its hash and then check the hash against VirusTotal to qualify wether or not the process is malicious ?