An administrator discovered a suspicious program running on a critical system after noticing unusual network connections. The program had elevated privileges. Which approach best reduces the risk and helps prevent further incidents?
Revert the machine to a previous state without investigating current user privileges
Remove the suspicious program, verify user permissions, and deploy monitoring to detect unexpected activity
Restrict resource usage so the unwanted process cannot consume as many system resources
Apply additional ciphers to secure data being transferred over the network
Removing the suspicious program and adjusting privileges ensures the immediate threat is removed. Performing regular monitoring with detection tools helps reveal future attempts to install unauthorized applications. Merely isolating the process or focusing on encryption settings alone would not address the root cause. Reverting the entire system to a past image can be effective in some scenarios, but verifying privileges and monitoring is more comprehensive for ongoing protection.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to verify user permissions after removing a suspicious program?
Open an interactive chat with Bash
How does deploying monitoring tools help detect unexpected activity?
Open an interactive chat with Bash
Why is reverting a system to a previous state not always the best solution?
Open an interactive chat with Bash
CompTIA Cloud+ CV0-004
Troubleshooting
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access