
220-1102 Exam - Question 190


A user is unable to access files on a work PC after opening a text document. The text document was labeled “URGENT PLEASE READ.txt - In active folder, .txt file titled urgent please read”. Which of the following should a support technician do FIRST?

Correct Answer: AB

When dealing with a potential malware incident, the first step is to contain the threat and prevent it from spreading to other systems. Therefore, the initial action should be to quarantine the host computer. This isolation will help ensure that any potential malware does not propagate to other networked systems. Once the system is quarantined, further steps, such as running antivirus scans and investigating how the malware was installed, can be taken.

Discussion

11 comments
Mehsotopes
Option: B
Aug 6, 2023

The technician has not confirmed that this is malware. If customer is still there, the technician should definitely inquire if the customer knows where that file came from, & what it is. If the customer is not reachable, technician should first scan the computer for viruses.

Mango7
Oct 10, 2023

I like all your explanations, your reasonings are always on point brother.

Farticus
Option: C
May 23, 2023

The answer would be C. 3.2 of the CompTIA 1102 exam objectives states the following: Given a scenario, use best practice procedures for malware removal.

1. Investigate and verify malware symptoms
2. Quarantine infected systems
3. Disable System Restore in Windows
4. Remediate infected systems
   a. Update anti-malware software
   b. Scanning and removal techniques (e.g., safe mode, preinstallation environment)
5. Schedule scans and run updates
6. Enable System Restore and create a restore point in Windows
7. Educate the end user

Calebdames
May 26, 2023

So B "1. Investigate and verify malware symptoms" how else do you investigate and verify malware symptoms?

ShukazoPenguin
Dec 1, 2023

C implies that the malware was already discovered, so it's B.

mr_reyes
Option: A
May 8, 2023

Why wouldn't you ALWAYS quarantine the system before doing any other step? To prevent a possible spread.

idoit
May 9, 2023

The answer is phrased strangely. It says quarantine the host, which is normal, but it says "in the antivirus system" which is odd and I am not even sure what it means. You would normally quarantine it from the network.

Dadadagreat
Option: A
Jul 18, 2023

I would for letter A (Quarantine)

PraygeForPass
Option: B
Aug 3, 2023

This is an interesting one. I don't know if I'm thinking too hard, but .txt extensions cannot execute anything. Even if there is code inside of it. So when opening it, all you will see is text. Because of this I would just use B, to check if there's anything malicious on the machine. If I'm not thinking hard and they are expecting a typical step, I would pick A, quarantine.

Rizierr
Dec 13, 2023

This question is phrased so weird. I don't understand what it's saying.

354fcf1
Jul 12, 2024

I can't read this either lol

Pisces225
Option: C
Dec 15, 2023

The question says the filename is “URGENT PLEASE READ.txt - In active folder, .txt file titled urgent please read”. Just because there's a .txt extension in the middle of the file name doesn't make this a text file. If Windows Explorer settings are default then known file extension types, such as .exe, will not be displayed. The technician should start at step one by investigating and verifying symptoms before proceeding to quarantine if confirmed.

dcv1337
Option: B
Jul 18, 2023

I believe it's B but A is the next best answer in my opinion.

b0bby
Option: C
Mar 14, 2024

Order of operations: C then B then A. The question is where you are. From my perspective, we know that malware is on the PC but not how it got on, so my answer is C. In the real world I'd be quarantining the machine right away, even as I continue investigating how it was installed, to protect my other machines and keep it from spreading. This, as seems to be the consistency, is another bad, poorly worded question.

b0bby
Mar 14, 2024

Sorry, order of operations is C then A then B.

UranusNeptune
Option: B
May 21, 2024

The answer is B because on the practice test I chose C which it told me was incorrect. Instead it told me the answer is B. So the Answer to this question is B

Phillyboy20_
Option: B
May 25, 2024

The question doesn't mention that it is malware, so it should be assumed that it is malware.