During a security incident, a responder discovers malware on a compromised host.What is the FIRST action that should be taken according to incident response best practices?