A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
A) Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.
B) Restrict administrative privileges and patch all systems and applications.
C) Rebuild all workstations and install new antivirus software.
D) Implement application whitelisting and perform user application hardening.
Correct Answer:
Verified
Q504: A network administrator at a large organization
Q505: A mobile application developer wants to secure
Q506: Which of the following is the BEST
Q507: An organization is drafting an IRP and
Q508: A technician is designing a solution that
Q510: To further secure a company's email system,
Q511: A user loses a COPE device. Which
Q512: While testing a new vulnerability scanner, a
Q513: A forensics investigator is examining a number
Q514: Which of the following BEST explains the
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents