220-1102 Question #682: Real Exam Question with Answer & Explanation

Question

A user's workstation was infected with a newly discovered virus that the AV system detected. After a full virus scan and a workstation reboot, the virus is still present in the OS. Which of the following actions should the user take to remove the virus?

Options

• AEnable the system firewall.
• BUse bootable antivirus media to scan the system.
• CDownload software designed to specifically target the virus.
• DRun the operating system update process.

Explanation

When a virus persists after standard AV scans and reboots, using bootable antivirus media is often necessary to scan and remove the malware before the operating system loads and activates the virus.

Common mistakes.

• A. Enabling the system firewall can prevent network propagation but will not remove an existing virus that has already infected the operating system.
• C. Downloading software from an infected system is risky, as the malware could interfere with the download or installation, or even mask the true nature of the downloaded software; furthermore, it might not be effective if the malware is active.
• D. Running operating system updates patches vulnerabilities but typically does not remove active malware already present on the system.

Concept tested. Malware removal techniques - persistent infections

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/intelligence/advanced-troubleshooting-for-microsoft-defender-antivirus

No community discussion yet for this question.