During an incident response, an organization has identified an infected workstation that is part of a botnet and is communicating with external command and control servers. What is the BEST immediate action to contain this threat?
Perform a vulnerability scan to identify the infected workstation
Change access controls on the infected workstation
Capture network traffic to analyze the communication with the command and control servers
Isolate the infected workstation from the network