ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1102 All Questions

View all questions & answers for the 220-1102 exam
Go to Exam

Exam 220-1102 topic 1 question 602 discussion

Actual exam question from CompTIA's 220-1102
Question #: 602
Topic #: 1
[All 220-1102 Questions]

An organization’s critical database files were attacked with ransomware. The company refuses to pay the ransom tor a decryption key. All traces of the infection have been removed from the underlying servers Which of me following should the company do next?

  • A. Scan all of tie infected files with up-to-date, anti-malware cleaning software.
  • B. Fully patch the server operating systems hosting the fileshares.
  • C. Change the files to be read-only.
  • D. Restore critical data from backup.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Nate_A at Nov. 15, 2024, 3:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Nate_A
5 months, 3 weeks ago
D. Restore critical data from backup. Since the ransomware has already encrypted the files, the most effective way to recover the data is to restore it from a backup. A well-maintained backup system should have regular backups of critical data, allowing the organization to restore its systems to a previous state and recover the encrypted files. While scanning the files with anti-malware software and patching the servers are important security measures, they won't recover the encrypted data. Changing the files to read-only may prevent further damage, but it won't restore the original data. Google Gemini
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago