Nutanix Flow Network Security provides built-in Quarantine category values, including Strict and Forensic. Nutanix documentation states that Strict blocks all inbound and outbound traffic, while Forensic is specifically intended for situations where you want to quarantine the VM but still allow connectivity for forensic access. The documentation also notes that you can configure the allow behavior for forensic mode, which is exactly what this incident-response scenario requires. Therefore A is the correct answer.

This is a strong example of why built-in categories matter operationally. The organization wants a change that can be applied quickly during an incident and does not require redesigning existing policies. Assigning the VM to the Quarantine: Forensic category accomplishes both goals: it uses an existing system-defined control and preserves investigator access. Strict mode would over-isolate the VM and block the forensic tooling too. Thus the most authentic Nutanix response is A.