ExamGecko
Search Search Login
Home Home / CompTIA / 220-1102
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A systems administrator is setting up a Windows computer for a new user Corporate policy requires a least privilege environment. The user will need to access advanced features and configuration settings for several applications. Which of the following BEST describes the account access level the user will need?
A technician installed a known-good, compatible motherboard on a new laptop. However, the motherboard is not working on the laptop. Which of the following should the technician MOST likely have done to prevent damage?
A technician is troubleshooting an issue involving programs on a Windows 10 machine that are loading on startup but causing excessive boot times. Which of the following should the technician do to selectively prevent programs from loading?
A change advisory board did not approve a requested change due to the lack of alternative actions if implementation failed. Which of the following should be updated before requesting approval again?
A user reports a PC is running slowly. The technician suspects it has a badly fragmented hard drive. Which of the following tools should the technician use?
Which of the following must be maintained throughout the forensic evidence life cycle when dealing with a piece of evidence?
Which of the following is the MOST cost-effective version of Windows 10 that allows remote access through Remote Desktop?
A technician is setting up a new laptop for an employee who travels, Which of the following is the BEST security practice for this scenario?
Which of the following provide the BEST way to secure physical access to a data cento server room? (Select TWO).
The Chief Executive Officer at a bark recently saw a news report about a high-profile cybercrime where a remote-access tool that the bank uses for support was also used in this crime. The report stated that attackers were able to brute force passwords to access systems. Which of the following would BEST limit the bark's risk? (Select TWO)

Question 489 - 220-1102 discussion

Report
Export

A developer reports that a workstation's database file extensions have been changed from .db to .enc. The developer is also unable to open the database files manually. Which of the following is the best option for recovering the data?

A.
Accessing a restore point
Answers
A.
Accessing a restore point
B.
Rebooting into safe mode
Answers
B.
Rebooting into safe mode
C.
Utilizing the backups
Answers
C.
Utilizing the backups
D.
Using an AV to scan the affected files
Answers
D.
Using an AV to scan the affected files
Suggested answer: C

Explanation:

The scenario described in the question suggests that the workstation has been infected by a ransomware, which is a type of malware that encrypts the files on the target system and demands a ransom for the decryption key12.The file extension .enc is commonly used by some ransomware variants to mark the encrypted files34. The developer is unable to open the database files manually because they are encrypted and require the decryption key, which is usually held by the attacker.

The best option for recovering the data is to utilize the backups, assuming that the backups are recent, valid, and not affected by the ransomware. Backups are copies of the data that are stored in a separate location or device, and can be used to restore the data in case of a disaster, such as a ransomware attack . By restoring the data from the backups, the developer can avoid paying the ransom and losing the data permanently.

Accessing a restore point is not a good option, because restore points are snapshots of the system settings and configuration, not the data files. Restore points can help to undo some system changes, such as installing a faulty driver or software, but they cannot recover the encrypted data files .

Rebooting into safe mode is also not a good option, because safe mode is a diagnostic mode that allows the system to run with minimal drivers and services, but it does not affect the data files. Safe mode can help to troubleshoot some system issues, such as malware infections, but it cannot decrypt the data files .

Using an AV to scan the affected files is also not a good option, because an AV is a software that can detect and remove some malware, but it cannot decrypt the data files. An AV can help to prevent or remove some ransomware infections, but it cannot recover the encrypted data files .

Reference: 1: CompTIA A+ Certification Exam Core 2 Objectives, page 102: CompTIA A+ Core 2 (220-1102) Complete Video Course, Lesson 26 Documentation3:How to remove .enc file virus (Ransomware virus removal guide)4:Enc File Extension - What is an .enc file and how do I open it?: CompTIA A+ Certification Exam Core 2 Objectives, page 13 : CompTIA A+ Core 2 (220-1102) Complete Video Course, Lesson 26 Documentation :What is a restore point?:How to use System Restore on Windows 10: [What is Safe Mode?] : [How to boot into Safe Mode on Windows 10] : CompTIA A+ Certification Exam Core 2 Objectives, page 10 : [Can antivirus software remove ransomware?]

Show Answer
asked 02/10/2024
Aleksei Chernikov
47 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms