nerdexam
Exams220-802Questions#1029
CompTIA

220-802 · Question #1029

220-802 Question #1029: Real Exam Question with Answer & Explanation

The correct answer is B: Run an IPCONFIG /FLUSHDNS.. Many malware infections modify the DNS cache to redirect domain lookups to malicious IP addresses. Even after the virus is removed, poisoned entries can remain in the local DNS cache, causing continued redirects when domain names are resolved. Running IPCONFIG /FLUSHDNS clears th

Question

A user claims that they recently had a virus infection and even after the infection was cleared, the user's web browser is still redirected to the same incorrect website when it is opened. Which of the following should the technician check FIRST?

Options

  • AVerify that the browser's cookies have been cleared.
  • BRun an IPCONFIG /FLUSHDNS.
  • CCheck that the browser version is the latest release.
  • DRun an IPCONFIG /ALL and verify the correct DHCP server.

Explanation

Many malware infections modify the DNS cache to redirect domain lookups to malicious IP addresses. Even after the virus is removed, poisoned entries can remain in the local DNS cache, causing continued redirects when domain names are resolved. Running IPCONFIG /FLUSHDNS clears the local DNS resolver cache, forcing fresh lookups from the legitimate DNS server. This is the fastest and least disruptive first step. Clearing cookies addresses tracking and session data, not DNS-based redirects. Checking the browser version is unlikely to resolve a redirect. Running IPCONFIG /ALL to check the DHCP server is a reasonable follow-up but does not directly address cached DNS poisoning.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 220-802 Practice