A company has recently discovered that an unauthorized party accessed their cloud storage service. Upon investigation, it is found that several files contain a backdoor that was used for data exfiltration. In addition to changing passwords and reissuing keys, which of the following is the MOST important immediate action the cloud administrator should take to prevent further data loss?
Commencing a detailed analysis of access and activity logs
Disabling non-critical cloud services to limit the attack surface
Revoking unnecessary credentials
Isolating the affected systems