The SOC has received reports of slowness across all workstation network segments. The currently installed antivirus has not detected anything, but a different anti-malware product was just downloaded and has revealed a worm is spreading. Which of the following should be the NEXT step in this incident response?
A. Send a sample of the malware to the antivirus vendor and request urgent signature creation.
B. Begin deploying the new anti-malware on all uninfected systems.
C. Enable an ACL on all VLANs to contain each segment.
D. Compile a list of IoCs so the IPS can be updated to halt the spread.
A. Send a sample of the malware to the antivirus vendor and request urgent signature creation.
B. Begin deploying the new anti-malware on all uninfected systems.
C. Enable an ACL on all VLANs to contain each segment.
D. Compile a list of IoCs so the IPS can be updated to halt the spread.