ExamGecko
Search Search Login
Home Home / CompTIA / 220-1102
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A technician installed a known-good, compatible motherboard on a new laptop. However, the motherboard is not working on the laptop. Which of the following should the technician MOST likely have done to prevent damage?
A systems administrator is setting up a Windows computer for a new user Corporate policy requires a least privilege environment. The user will need to access advanced features and configuration settings for several applications. Which of the following BEST describes the account access level the user will need?
A change advisory board did not approve a requested change due to the lack of alternative actions if implementation failed. Which of the following should be updated before requesting approval again?
A user reports a PC is running slowly. The technician suspects it has a badly fragmented hard drive. Which of the following tools should the technician use?
Which of the following is the MOST cost-effective version of Windows 10 that allows remote access through Remote Desktop?
A technician is setting up a new laptop for an employee who travels, Which of the following is the BEST security practice for this scenario?
The Chief Executive Officer at a bark recently saw a news report about a high-profile cybercrime where a remote-access tool that the bank uses for support was also used in this crime. The report stated that attackers were able to brute force passwords to access systems. Which of the following would BEST limit the bark's risk? (Select TWO)
A change advisory board just approved a change request. Which of the following is the MOST likely next step in the change process?
Which of the following is the MOST important environmental concern inside a data center?
A user is unable to log in to a workstation. The user reports an error message about the date being incorrect. A technician reviews the date and verifies it is correct, but the system clock is an hour behind. The technician also determines this workstation is the only one affected. Which of the following is the most likely issue?

Question 636 - 220-1102 discussion

Report
Export

An organization's critical database files were attacked with ransomware. The company refuses to pay the ransom for a decryption key. All traces of the infection have been removed from the underlying servers. Which of the following should the company do next?

A.
Scan all of the infected files with up-to-date, anti-malware cleaning software.
Answers
A.
Scan all of the infected files with up-to-date, anti-malware cleaning software.
B.
Fully patch the server operating systems hosting the fileshares.
Answers
B.
Fully patch the server operating systems hosting the fileshares.
C.
Change the files to be read-only.
Answers
C.
Change the files to be read-only.
D.
Restore critical data from backup.
Answers
D.
Restore critical data from backup.
Suggested answer: D

Explanation:

When an organization refuses to pay the ransom for a decryption key after a ransomware attack, and all traces of the infection have been removed, the next critical step is:

Restore critical data from backup: This is the most effective way to recover from a ransomware attack without paying the ransom. Assuming the organization has good backup practices, the backups should be free from infection and can be restored to get the systems operational again.

Scan all of the infected files with up-to-date, anti-malware cleaning software: This step is important during the infection removal process but does not address restoring the encrypted files.

Fully patch the server operating systems hosting the fileshares: While this is necessary to prevent future attacks, it does not recover the encrypted files.

Change the files to be read-only: This will not help recover the encrypted data.

CompTIA A+ 220-1102 Exam Objectives, Section 2.8: Given a scenario use common data destruction and disposal methods.

Best practices for ransomware recovery.

Show Answer
asked 02/10/2024
Sumit Dhar
47 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms