ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1002 All Questions

View all questions & answers for the 220-1002 exam
Go to Exam

Exam 220-1002 topic 1 question 334 discussion

Actual exam question from CompTIA's 220-1002
Question #: 334
Topic #: 1
[All 220-1002 Questions]

Many of the files in a user's network folder have a new file extension and are inaccessible. After some troubleshooting, a technician discovers a text document that states the files were intentionally encrypted, and a large sum of money is required to decrypt them.
Which of the following should the technician do to recover the files?

  • A. Restore the network folder from a backup.
  • B. Perform a System Restore on the computer.
  • C. Update the malware scanner and run a full scan.
  • D. Disconnect the computer from the network.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by JoeyPF at April 4, 2021, 7:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
JE39
Highly Voted 4 years ago
Seems to me the question asks very specifically about restoring the files, not the malware process, not the next step in the process but how would one get back files that are encrypted due to ransomware. The answer to that is that you have to restore from a last known good back up. If it asked about how to deal with the malware that may have resulted in the ransomware or what is the first thing to do, then the other answers make sense.
upvoted 20 times
...
shogo11
Highly Voted 4 years, 2 months ago
the question should ask what the technician should do "First" to recover the files. but it only asks what to do recover files only which should be restore files....
upvoted 8 times
...
ZioPier
Most Recent 2 years, 1 month ago
Selected Answer: D
It looks like it doesn't make sense, but have to really pay attention to the details. Everybody I thinking is a ransomware and I think is right. Now... we are talking about folders on the network that ate claimed as locked. A ransomware really unlikely is in the server, but is probably in the device. If you try to access from a clean computer, probably the folders will still be accessible. So the problem is not the network, but the device. The solution is to disconnect the device and sort it. Once reconnected to the network the folders will be available again
upvoted 1 times
...
iLikeBeagButt
3 years, 2 months ago
Selected Answer: A
The question is very specific by asking what to do to "recover the files" so the answer should be A. It's not asking what to do First or Next...
upvoted 2 times
...
HisFave
3 years, 9 months ago
It's CompTIA people...the answer is D.
upvoted 2 times
...
dnbly
4 years, 2 months ago
CompTIA logic, always quarantine threats before taking other action.
upvoted 4 times
dnbly
4 years, 2 months ago
Makes sense for this question too because restoring the backup does not remove the threat therefore it could simply encrypt the files again after restoration.
upvoted 2 times
...
...
JoeyPF
4 years, 3 months ago
Its a network folder, those are usually on a server and accessed via user profile. Doing anything to the computer most likely wouldn't resolve the issue. Its either A or C
upvoted 5 times
dnbly
4 years, 2 months ago
Go study how network folders work some more, particularly Folder Redirection. Software installed on a PC can definitely modify server-based user files.
upvoted 2 times
...
giftedhands
4 years, 2 months ago
C is the most suitable answer as the question stated "...to recover the files..."
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel