A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
A) Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.
B) Restrict administrative privileges and patch all systems and applications.
C) Rebuild all workstations and install new antivirus software.
D) Implement application whitelisting and perform user application hardening.
Correct Answer:
Verified
Q44: A public relations team will be taking
Q45: Which of the following ISO standards is
Q46: A security analyst is performing a forensic
Q47: The manager who is responsible for a
Q48: A security assessment determines DES and 3DES
Q50: An organization is concerned that its hosted
Q51: During an incident response, a security analyst
Q52: Which of the following would be the
Q53: A global pandemic is forcing a private
Q54: After entering a username and password, an
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents