Notifications
Clear all
Topic starter
15/08/2022 2:10 am
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again.
Which of the following should the IT administrator do FIRST after recovery?
- A . Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis
- B . Restrict administrative privileges and patch ail systems and applications.
- C . Rebuild all workstations and install new antivirus software
- D . Implement application whitelisting and perform user application hardening
Suggested Answer: A