I like D here. The question says to ensure "capability" which I think is the key word here. How do you ensure capability, by performing integrity checks on backups. Don't get me wrong, I like having off line storage, but it asks about capability and not availability. My two cents. Good luck.
The reason the correct answer is C is simple: ransomware cannot get to offline data so you can be assured that the restores will be clean.
As for why D is wrong, all you have to do is think how an integrity check is going to help you if the data had already been compromised. Don't get me wrong, integrity checks are important for normally, everyday backups but it does not work in this specific situation involving ransomware.
Changing my answer to C- if reading only the first part 'ensure the capability to restore clean data', the answer would have been D but reading the full question with the ransomware attack mentioned, it should be C because the only way to ensure data is clean after ransomware attack is C. sorry folks
D- The question is asking how to 'ensure the capability to restore clean data' and the only way to do that is by performing an integrity check. Otherwise, you can have multiple copies of offline backups but that does not automatically mean they are clean. To prove even an offline backup copy is clean, you need an integrity check.
You can perform multiple integrity checks on backups but if the backups are not offsite and they are in the same network, then integrity goes out the window. Offsite backup should be maintained (they should also be checked for integrity and restoration should be tested periodically).
D.
Before restore, i would do integrity check.
For C, though I have so many offline backups, i still need check before restore, otherwise I'm not sure it is infected.
Please ignore my thinking out loud in the comments below. :D
Long-story-short - it's C.
People who are split between C and D (like I was in the beginning) should remind themselves that "integrity checks" is NOT the same as "checking the integrity". Integrity checks (like the question states) would mean to check if backup has been modified since creation, while "checking the integrity of backup" would mean if backup is actually restorable and is working.
I think it's actually D, folks.
Capability to restore = offline backups
ENSURING that capability = integrity checks.
At least this is how it looks to me.
BUT THEN AGAIN...
Option D says "perform integrity checks on backups", but those are not OFFLINE backups! What if those backups are also infected and encrypted by a ransomware, since they were on the same network?
I hate this question...
Also "integrity checks" are not the same as "checking the integrity"! Integrity checks would mean to check if backup has been modified since creation. This would make answer D actually incorrect!
So in the end, I'm gonna go with C if I encounter this on the exam.
Key words in the question is ensure. Best way you can ensure success is to have multiple avenues. Hey look one of the answers contains the word multiple, going with C here.
I believe it is C. I think too many people are getting caught up on trying to prove that it is a "reliable" backup. The question states how would you "restore clean data". You would do this by taking one of your offline backups. Then you could verify afterward that it was "reliable". But to RESTORE you would acquire one of your offline backups.
I beleive it is C. I think too many people are getting caught up on trying to prove that it is a "reliable" backup. The question states how would you "restore clean data". You would do this by taking one of your offline back ups.
Performing integrity checks on backups can help identify corrupted or compromised backups, but it does not prevent ransomware from encrypting data in backups. Integrity checks can only detect damage that has already occurred; they cannot prevent future attacks
option C: Maintaining multiple offline backups as the best way to ensure the capability to restore clean data after a ransomware attack.
Maintaining multiple offline backups means storing copies of your data on devices or systems that are not connected to the network. This reduces the risk of the backups being compromised during a ransomware attack. If your primary data is encrypted or held hostage by ransomware, you can restore your data from the offline backups, ensuring the availability of clean data.
C. Maintain multiple offline backups
The best way to ensure the capability to restore clean data after a ransomware attack is to maintain multiple offline backups. This approach ensures that even if your primary data and online backups are compromised by ransomware, you have a secure and isolated copy of your data that the attacker cannot access or corrupt. Offline backups are not connected to your network or systems, making them immune to ransomware attacks.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 1 year, 9 months agoCarlLimps
Highly Voted 1 year, 8 months agoBabaP
1 year, 8 months agoisaphiltrick
Most Recent 3 months, 3 weeks agoshootnot
6 months, 1 week agoshootnot
6 months, 1 week agoRunAmok113
6 months, 4 weeks agoyottabyte
8 months agoxcjxcj
8 months, 1 week agoAlexJacobson
9 months, 4 weeks agoAlexJacobson
9 months, 4 weeks agoAlexJacobson
9 months, 4 weeks agoAlexJacobson
9 months, 3 weeks agoPOWNED
9 months, 4 weeks agoPOWNED
9 months, 3 weeks agojcisco123
10 months agoblehbleh
10 months, 3 weeks agoblehbleh
10 months, 3 weeks agoCyberbug2021
12 months agokoala_lay
1 year, 1 month agooluchecpoint
1 year, 2 months ago