CompTIACompTIA
220-1202 · Question #13
220-1202 Question #13: Real Exam Question with Answer & Explanation
The correct answer is A: Quarantine the infected systems.. Once an incident is confirmed, the immediate priority is containment. Isolating (quarantining) the infected machines prevents the malware from spreading to other systems or exfiltrating data, enabling safe analysis and remediation.
Submitted by manish99· Mar 30, 2026Security
Question
A technician verifies that a malware incident occurred on some computers in a small office. Which of the following should the technician do next?
Options
- AQuarantine the infected systems.
- BEducate the end users.
- CDisable System Restore.
- DUpdate the anti-malware and scan the computers.
Explanation
Once an incident is confirmed, the immediate priority is containment. Isolating (quarantining) the infected machines prevents the malware from spreading to other systems or exfiltrating data, enabling safe analysis and remediation.
Topics
#Malware incident response#Incident containment#Quarantine systems
Community Discussion
No community discussion yet for this question.