nerdexam
Exams220-1002Questions#68
CompTIA

220-1002 · Question #68

220-1002 Question #68: Real Exam Question with Answer & Explanation

The correct answer is B: Update and install anti-malware software. The symptoms describe scareware or ransomware - malware that displays a fake warning and demands payment. After quarantining the machine and disabling System Restore (to prevent malware from hiding in restore points), the standard next step in malware remediation is to update and

Question

A technician receives an end user's computer that displays erratic behavior upon startup. When the technician starts the computer performance is reduced. A window appears on the screen stating a purchase must be made to disinfect the computer. The technician quarantines the computer and disables System Restore. Which of the following should the technician do NEXT?

Options

  • ARoll back the NIC driver
  • BUpdate and install anti-malware software
  • CConfigure and enable the email spam filters
  • DVerify the security certificate is valid
  • EPerform a full system backup

Explanation

The symptoms describe scareware or ransomware - malware that displays a fake warning and demands payment. After quarantining the machine and disabling System Restore (to prevent malware from hiding in restore points), the standard next step in malware remediation is to update and run anti-malware software to detect and remove the infection. Rolling back the NIC driver (A) is irrelevant to malware. Configuring spam filters (C) is a preventive email measure, not a remediation step. Verifying a security certificate (D) does not address malware removal. Performing a full system backup (E) should never be done on a known-infected system, as it would back up the malware.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 220-1002 Practice