A security analyst, while doing a security scan using packet c capture security tools, noticed large volumes
of data images of company products being exfiltrated to foreign IP addresses. Which of the following is
the FIRST step in responding to scan results?
A.
Incident identification
B.
Implement mitigation
C.
Chain of custody
D.
Capture system image