You are an IT technician at a medium-sized company and you've detected malware on one of the computers within the network. Your company maintains sensitive customer data and it's critical to prevent any further infection or data breach. What is your FIRST course of action to mitigate the threat?
Begin a full system antivirus scan
Disconnect the computer from the network
Immediately shut down the computer to prevent any further actions by the malware
Notify all employees about the infection before taking any technical measures
The first step in dealing with a malware infection is to quarantine the affected system to prevent the malware from spreading to other systems on the network or accessing network resources. Disconnecting the computer from the network can be achieved by physically unplugging it from the network or disabling its network connection. Isolation prevents malware from communicating with any command-and-control servers and stops it from spreading laterally across the network.