During a security incident, a responder discovers malware on a compromised host. What is the FIRST action that should be taken according to incident response best practices?
-
A
Immediately reimage the system
-
B
Isolate the system from the network while preserving volatile memory
-
C
Delete all suspicious files
-
D
Notify law enforcement immediately