The security team is notified that a device on the network is infected with malware. Which of the following is MOST effective in enabling the device to be quickly located and remediated?
Selected D. The detection mechanism has already found out that a device has been infected, which means it is too late for a vulnerability scanner. The tool that detected the malware infection would have given the hostname/IP address of that device. The question asks about the most effective way to "locate"; if we plug the hostname/IP address into the ITAM system, that would give the actual (geographical) location of that device and who to contact in case some boots on the ground are needed. Therefore ITAM is the right answer.
Let me tell you a scenario that happened on my laptop. My laptop was infected by malware, and I quickly used antivirus to scan my system just to know the part infected. Immediately I was able to see it and remediate it. So IDS is correct. Snort is also an example of IDS.
Option D: Information Technology Asset Management (ITAM) can also play a role in enabling the infected device to be quickly located and remediated.
ITAM involves tracking and managing the inventory of IT assets within an organization, including devices such as computers, servers, and network devices. By maintaining an up-to-date record of all devices, their locations, and configurations, ITAM can help identify the specific device that is infected with malware.
Once the infected device is identified through ITAM, appropriate remediation actions can be taken, such as isolating the device, conducting a thorough scan for malware, applying patches or updates, or even physically removing and replacing the device if necessary.
Therefore, both option B (Intrusion detection) and option D (ITAM) can be effective in quickly locating and remedying an infected device. The choice between them may depend on the specific capabilities and implementation of the organization's security infrastructure.
I do not understand why it is D. I have not heard of any IT inventory system that can detect the malware and fix it. Although it can easily detect the location of the device, how can it detect which device has the malware? It does not sound like it makes sense. I would choose C as the IDS can detect the attack of malware and display the source IP of the attack.
How will scanning for weaknesses help you locate and remediate the malware? The answer should def be "D". If you have an up-to-date inventory, it should be easy to find the device and fix the issue.
projtfer, Highly Voted, 2 years, 1 month ago
jackdryan, 1 year, 6 months ago
kptest12, Highly Voted, 2 years, 1 month ago
somsom, Most Recent, 1 month ago
somsom, 1 month ago
Jenkins3mol, 6 months, 3 weeks ago
Hardrvkllr, 7 months, 1 week ago
Vasyamba1, 8 months, 1 week ago
Bach1968, 1 year, 4 months ago
KCLung, 1 year, 5 months ago
Jamati, 2 years ago
Vino22, 2 years, 1 month ago
franbarpro, 2 years, 1 month ago