ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam 220-1102 All Questions

View all questions & answers for the 220-1102 exam
Go to Exam

Exam 220-1102 topic 1 question 6 discussion

Actual exam question from CompTIA's 220-1102
Question #: 6
Topic #: 1
[All 220-1102 Questions]

A user calls the help desk to report that none of the files on a PC will open. The user also indicates a program on the desktop is requesting payment in exchange for file access. A technician verifies the user's PC is infected with ransomware. Which of the following should the technician do FIRST?

  • A. Scan and remove the malware.
  • B. Schedule automated malware scans.
  • C. Quarantine the system.
  • D. Disable System Restore.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Antwon at Oct. 21, 2022, 2:31 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Thejphall
Highly Voted 2 years, 2 months ago
Selected Answer: C
After verifying the malware, quarantining would be the next step in malware removal process. Comptia Exam Objectives for malware removal. 1. Investigate and verify malware symptoms 2.Quarantine infected systems 3.Disable System Restore in Windows 4.Remediate infected systems a. Update anti-malware software b.Scanning and removal techniques (e.g., safe mode, preinstallation environment) 5.Schedule scans and run updates 6.Enable System Restore and create a restore point in Windows 7. Educate the end user
upvoted 10 times
...
Antwon
Highly Voted 2 years, 2 months ago
Selected Answer: C
The answer is C because generally, quarantining a system is the first thing you do in malware removal. Then comes disabling system restore, then scan and remove the malware, and then schedule automated malware scans.
upvoted 7 times
...
jbeezy
Most Recent 2 weeks, 3 days ago
Selected Answer: C
PC is infected with ransomware, and malware scan will not prevent access to compromised information and data. Best thing to do is save what you can and isolate from the network.
upvoted 1 times
...
er.garg2687
4 months, 3 weeks ago
Whenever system is suffering from Ransomware it should be isolated from network
upvoted 1 times
...
CPI
7 months, 4 weeks ago
Selected Answer: C
Always. Quarantine. First.
upvoted 1 times
...
Chavozamiri
1 year, 1 month ago
Selected Answer: C
Not great question but answer is C.
upvoted 1 times
...
CPAB
1 year, 7 months ago
Selected Answer: C
Quarantine the unit to not affect other users if the ransomware can affect the network. It was not recoverable even if you paid them and some ransomware keys were exposed online.
upvoted 2 times
...
Jcsimple
1 year, 10 months ago
Quarantine it guys, don't want it to spread like wildfire.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago