You are working as a cybersecurity analyst for a 3rd party contractor. You have been brought in by an organization who believes they were hacked by a malicious actor. Their internal security team has hired you to determine the impact of the unauthorized access. At the time of the intrusion there were 5 servers online: DEV_APP_001, PRD_APP_002, PRD_DB_008, STG_DB_004 and FINANCE_009. What step should you take to begin the analysis?
Begin analyzing each server after prioritizing them based on the data stored on each server
Create a snapshot backup and then reformat each server
Begin hardening all servers immediately before the impact analysis starts
Create a new server running Kali Linux and make necessary firewall changes to allow it to access all the listed servers