An IT security engineer notices that the company’s web server is currently being hacked. What
should the engineer do next?
A.
Unplug the network connection on the company’s web server.
B.
Determine the origin of the attack and launch a counterattack.
C.
Record as much information as possible from the attack.
D.
Perform a system restart on the company’s web server.