After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review? 

Answer options:

A. The vulnerability scan output
B. The IDS logs
C. The full packet capture data
D. The SIEM alerts

A