ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1002 All Questions

View all questions & answers for the 220-1002 exam
Go to Exam

Exam 220-1002 topic 1 question 420 discussion

Actual exam question from CompTIA's 220-1002
Question #: 420
Topic #: 1
[All 220-1002 Questions]

A recent ransomware attack caused several datasets to be inaccessible. Security technicians were able to mitigate any additional attacks and remove any unauthorized software. Which of the following should the technicians do NEXT?

  • A. Run an antivirus tool.
  • B. Boot to the Recovery Console.
  • C. Update the software firewall.
  • D. Restore from backup.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Abrasive123 at June 2, 2021, 6:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Abrasive123
Highly Voted 3 years, 11 months ago
Update the software firewall? That's not even part of seven step malware removal process. Most likely correct answer should be restore from back up as the key term in question is file inaccessible.
upvoted 12 times
JE39
3 years, 10 months ago
Agreed. Ransomware in most cases make data unrecoverable and the most important strategy to deal with the threat is frequent back ups.
upvoted 3 times
...
TripeV
3 years, 3 months ago
update the software firewall is definately part if the seven steps. Please seel below: CompTIA has identified a seven-step best practice procedure for malware removal: 1. Identify and research malware symptoms. 2. Quarantine infected systems. 3. Disable System Restore (in Windows). 4. Remediate infected systems: • Update anti-malware software. • Scan and use removal techniques (Safe Mode, Pre-installation environment). 5. Schedule scans and run updates. 6. Enable System Restore and create restore point (in Windows). 7. Educate end user.
upvoted 4 times
...
...
Passngrass
Most Recent 2 years, 8 months ago
Backup seems like it would be the best for restoring functionality as quickly as possible but not apart of the remediation steps but updates surely is the next step in malware removal.
upvoted 2 times
...
Gilber507
3 years, 1 month ago
Luego de remediar los sistema, se debe programar scaneos en este caso no esta la opcion de programas, entonces actualizar cortafuegos.
upvoted 2 times
...
Nssh
3 years, 6 months ago
D is correct
upvoted 4 times
...
DJGeorgeCostanza
3 years, 9 months ago
Only reason I'd even suspect firewall is to prevent further attack through the network from outside the firewall, but the question never states how the infection started -- so if that is the answer, it's sorta out of left field. Backup seems like a safe answer to choose.
upvoted 3 times
Granddude
3 years, 8 months ago
Wouldn't restoring from backup possibly reinfect the system?
upvoted 4 times
iLikeBeagButt
2 years, 12 months ago
That's system restore not backup...
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago