ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1002 All Questions

View all questions & answers for the 220-1002 exam
Go to Exam

Exam 220-1002 topic 1 question 380 discussion

Actual exam question from CompTIA's 220-1002
Question #: 380
Topic #: 1
[All 220-1002 Questions]

A user opens a phishing email and types logon credentials into a fake banking website. The computer's antivirus software then reports it has quarantined several temporary Internet files. A technician disconnects the computer from the network. Which of the following should the technician perform NEXT?

  • A. Have the user change the password.
  • B. Update the antivirus software and run scans.
  • C. Disable the user's local computer account.
  • D. Quarantine the phishing email.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Abrasive123 at June 3, 2021, 6:19 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Jay5084
Highly Voted 3 years, 11 months ago
UGH! They need to give references for some of these answers
upvoted 6 times
ronah
3 years, 5 months ago
it's phishing, so the first thing to do is the password change. it has nothing to do with quarantine etc.
upvoted 3 times
...
...
bru_h
Highly Voted 3 years, 7 months ago
why is not A? the password is not more safe, we are talking about internet banking! be sure the account is safe again and then mind on other problems
upvoted 5 times
syougun200x
3 years, 5 months ago
I agree. His bank account is in serious danger.
upvoted 2 times
...
...
Tp2008
Most Recent 1 year, 3 months ago
(Options A) - The next step the technician should perform is not disabling the user's local computer account. Instead, they should take the following actions: 1. Change Password 2. Scan and Clean 3. Monitor Accounts 4. Educate the User 5. Review Security Policies Remember that disabling the user’s local computer account is not a recommended step in this scenario. Instead, focus on securing the user’s accounts, cleaning the system, and educating the user to prevent similar incidents in the future.
upvoted 1 times
...
Elicious
2 years, 10 months ago
the only way I see C as the correct answer is if CompTIA considers disabling the local user account part of isolating it from the network in this instance.
upvoted 1 times
...
JJay99
3 years, 1 month ago
this is about phishing, it's not asking for malware and virus procedures. Since the scenario is about typing banking info to a phishing website the first thing you want to do is change your password. isolating the PC from the network has nothing to do with it
upvoted 1 times
...
iLikeBeagButt
3 years, 1 month ago
Selected Answer: A
A. Have the user change the password. Change the username and password immediately using a clean device before they steal all your money! Hurry up!
upvoted 2 times
...
chan_chahal
3 years, 1 month ago
I think the answer is correct. They said what will the technician NEXT. Maybe he already changed the password for the user ( as it is the FIRST thing to do ). After that its the computers turn - so then he disconnected it from network and then the NEXT possible answer would be Disable the users account.
upvoted 1 times
...
Michael_Austin
3 years, 5 months ago
Answer is A CompTIA A+ removing malware steps: 1. Identify/research symptoms 2. Quarantine (remove from network) 3. Disable system restore 4. Remediate infected system (change passwords, perform data backups, etc) 5. Schedule scans and run updates 6. Enable restore (manually create a restore point) 7. Educate the user.
upvoted 2 times
...
maw619
3 years, 8 months ago
Disable the users account because the user typed in his logon credentials.
upvoted 3 times
...
adeshtall
3 years, 8 months ago
Ha has already idetifies the Symptoms, quarentine, he need to run scan and disinfect the system guys . Im going with B.
upvoted 3 times
...
adeladay
3 years, 9 months ago
ANS: Have the user change the password first then make any research does the link have any backdoor excite on the pc
upvoted 4 times
...
adeladay
3 years, 9 months ago
ANS: Have the user change the password first then make any research does the link have any backdoor excut on the pc
upvoted 3 times
...
Granddude
3 years, 10 months ago
IF the PC is disconnected from the network, what's the point of disabling the user account? "Have the user change the password" would make more sense if it said, "Have the user change the banking website password" Maybe in Comptia land, that's what it means? But, how can any password be changed if the PC is unplugged from the network?!?!?!? too many assumptions to this question
upvoted 2 times
...
adeshtall
3 years, 10 months ago
C <make sense since he has disconnected, he can run anti virus then change password.
upvoted 4 times
...
elsuper
3 years, 10 months ago
Most of the temporary internet files were quarantined so changing password is not the answer..... disabling the local account will help remediate the problem
upvoted 1 times
elsuper
3 years, 10 months ago
upon second thought that dont make sense either
upvoted 2 times
...
...
fnwilliamson
4 years ago
which they would explain the logic of these answers lol
upvoted 4 times
...
Abrasive123
4 years ago
Why not A?
upvoted 4 times
JE39
4 years ago
I agree. The normal malware procedure would be disable system restore and then remediation but in this specific case, common sense is you have them change their credentials and inform the bank (even thought that's not an option). Not sure how local account is relevant here.
upvoted 5 times
EllAzaravog9876544
3 years, 10 months ago
CompTIA does not ask for common sense that's where they get you.
upvoted 3 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel