I am looking for recommendations for training for first line help desk/desktop support staff for handling ransomware or other types of malware. Basically a what to do vs what not to do to assess and isolate the affected device to stop the spread. Not looking for a forensics deep dive, but at the same time, something more than just unplugging the network cable.
Any suggestions?