CompTIA

220-1002 Question #182: Real Exam Question with Answer & Explanation

The correct answer is A: Compare the startup items and services to a known clean image, and remove any startup items.

Question

A technician responds to a call from a user who claims to have a virus on a workstation. The technician observes the following notification from the system tray: "There are 1033 infected files on this computer. Click here to disinfect." The link is blocked by the corporate content filter and displays a message stating the site contains known malware. Which of the following should the technician complete to secure the computer with MINIMAL impact to the user?

Options

  • A. Compare the startup items and services to a known clean image, and remove any startup items
  • B. Validate that the alerts are false positives, and disable security software on the workstation to
  • C. Back up the user's files. Restore the system to the original system image designated by corporate
  • D. Request a content filter exception to allow access to the link from the notification. Once available,

Explanation

The notification is characteristic of scareware or rogue security software - a fake alert designed to trick users into clicking a malicious link. Since the content filter confirms the link leads to known malware, the link must not be followed. Comparing startup items and services against a known clean baseline image allows the technician to identify and remove the malicious components with surgical precision, preserving the user's data and settings (minimal impact). Disabling security software (B) would expose the machine further. Restoring the full system image (C) is high-impact and potentially unnecessary. Requesting a content filter exception (D) would actively allow malware access - a serious security error.
