During an incident response, an organization has identified an infected workstation that is part of a botnet and is communicating with external command and control servers. What is the BEST immediate action to contain this threat?
Change access controls on the infected workstation
Perform a vulnerability scan to identify the infected workstation
Isolate the infected workstation from the network
Capture network traffic to analyze the communication with the command and control servers