CompTIA CASP+ CAS-004 – Question096

A user from the sales department opened a suspicious file attachment. The sales department then contacted the SOC to investigate a number of unresponsive systems, and the team successfully identified the file and the origin of the attack.
Which of the following is the NEXT step of the incident response plan?

A.
Remediation
B. Containment
C. Response
D. Recovery