Response should include
interpreting results; determining whether threats are real or misidentified
containing and/or deleting identified/verified threats
repeating steps 1 and 2 until no threats are found.