After discovering a security incident and removing the affected files, an administrator disabled an unneeded service that led to the breach.
Which of the following steps in the incident response process has the administrator just completed?
A . Containment
B . Eradication
C . Recovery
D . Identification
Answer: B