No Result
View All Result
IT Quesion Library
Contribute
No Result
View All Result
No Result
View All Result

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

QuestionsCategory: SY0-601A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
0 Vote Up Vote Down
Admin Staff asked 12 months ago 
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

A. Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.

B. Restrict administrative privileges and patch all systems and applications.

C. Rebuild all workstations and install new antivirus software.

D. Implement application whitelisting and perform user application hardening.





 

Correct Answer: B

This question is in SY0-601 exam
For getting CompTIA Security+ certificate

Next Post

Cisco IOS Popular Commands

Related Questions

Recommended

No Result
View All Result

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In