advanced
Advanced Incident Response Playbook
Create a detailed technical incident response plan for a specific sophisticated ransomware scenario.
📝 Prompt Content
Act as a Senior Security Operations Center (SOC) Manager. Draft a comprehensive Incident Response Plan for a scenario where an APT (Advanced Persistent Threat) group has deployed Ryuk ransomware via a phishing attack, encrypting the domain controllers and backup servers. Your response must include the technical steps for identification, containment (including network segmentation commands), eradication, and recovery. Additionally, outline the specific forensic artifacts you would collect for memory and disk analysis and explain how you would determine the initial access vector and persistence mechanisms.