Imagine a critical system in our environment has been compromised. You receive an alert indicating suspicious activity. Outline the practical steps you would take in responding to this incident, from the initial identification to the resolution. Highlight the key decisions you would make, tools you would use, and how you would collaborate with cross-functional teams to effectively contain and remediate the security incident. Elaborate on how you document and report the incident.