An information security manager suspects that the organization has suffered a ransomware attack. What should be done FIRST?

A. Notify senior management.
B. Alert employees to the attack.
C. Confirm the infection.
D. Isolate the affected systems.