The incident response team was notified of detected malware. The team identified the infected hosts, removed the malware, restored the functionality and data of infected systems, and planned a company meeting to improve the incident handling capability.
Which step was missed according to the NIST incident handling guide?
A . Contain the malware
B . Install IPS software
C . Determine the escalation path
D . Perform vulnerability assessment