A company recently experienced a security breach. The security start determined that the intrusion was due to an out-of-date proprietary software program running on a noncompliant server. The server was imaged and copied onto a hardened VM. with the previous connections re-established.
Which of the Mowing Is the NEXT step in the incident response process?
A . Recovery
B . Eradication
C . Lessons learned
D . Containment
E . Identification
Answer: E