A security analyst has received information from a third-party intelligence-sharing resource that indicates employee accounts were breached.
Which of the following is the NEXT step the analyst should take to address the issue?
A . Audit access permissions for all employees to ensure least privilege.
B . Force a password reset for the impacted employees and revoke any tokens.
C . Configure SSO to prevent passwords from going outside the local network.
D . Set up privileged access management to ensure auditing is enabled.
Answer: B