A regulatory organization sends an email to an information security manager warning of an impending cyber-attack. The information security manager should
FIRST:
A. validate the authenticity of the alert
B. determine whether the attack is in progress
C. alert the network operations center
D. reply asking for more details