An incident responder receives a call from a user who reports a computer is exhibiting symptoms consistent with a malware infection.
Which of the following steps should the responder perform NEXT?
Capture and document necessary information to assist in the response.
Request the user capture and provide a screenshot or recording of the symptoms.
Use a remote desktop client to collect and analyze the malware in real time.
Ask the user to back up files for later recovery.