Question 395 - 220-1102 discussion


A workstation is displaying a message indicating that a user must exchange cryptocurrency for a decryption key. Which of the following is the best way for a technician to return the device to service safely?

A. Run an AV scan.
B. Reinstall the operating system.
C. Install a software firewall.
D. Perform a system restore.
E. Comply with the on-screen instructions.

Suggested answer: B

Explanation:

The best way for a technician to return the device to service safely is to reinstall the operating system. This is because the device is infected by ransomware, which is a form of malware that encrypts files and demands payment for decryption. Reinstalling the operating system will erase the ransomware and restore the device to its original state. However, this will also delete any data that was not backed up before the infection. Therefore, it is important to have regular backups of critical data and protect them from ransomware attacks [1].

The other options are not effective or safe for ransomware recovery. Running an AV scan may not detect or remove the ransomware, especially if it is a new or unknown variant. Installing a software firewall may prevent future attacks, but it will not help with the current infection. Performing a system restore may not work if the ransomware has corrupted or deleted the restore points.

Complying with the on-screen instructions is not advisable, as it will encourage the attackers and there is no guarantee that they will provide the decryption key after receiving the payment.

To prevent and recover from ransomware attacks, it is recommended to follow some best practices, such as [2][3][4]:

Use strong passwords and multifactor authentication for all accounts and devices.

Keep all software and firmware updated with the latest security patches.

Avoid opening suspicious or unsolicited emails and attachments.

Educate users and staff on how to recognize and report phishing and social engineering attempts.

Use antivirus software and enable real-time protection.

Enable network segmentation and firewall rules to limit the spread of ransomware.

Implement a Zero Trust security model to verify all requests and devices before granting access.

Create and test backups of critical data and store them offline or in a separate network.

Recover safely by isolating the infected devices, identifying the ransomware variant, and restoring data from backups.

Report any ransomware incidents to law enforcement agencies and seek help from experts.

asked 02/10/2024
jonathan siu