You discover strange activity on a shared storage system where files are being encrypted and a fee is demanded for restoration. Which measure is most effective for containing the spread and recovering data?
Work out a payment agreement with the malicious group for faster data return
Reset user account credentials to block unwanted access
Open external ports to scanning tools for accelerated identification of the attack
Disconnect the impacted resource and recover files from known-safe backups
Removing the compromised instance from the network eliminates the source of file corruption. Restoring from previous backups provides a clean state, ensuring that data is not still compromised. Resetting user credentials without isolating the infected system can fail to stop further encryption. Negotiating with attackers does not guarantee a secure restoration. Opening firewalls to external scanning services can create additional risks without addressing the root cause.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are the best practices for creating and maintaining backups?
Open an interactive chat with Bash
How does removing an infected system from a network prevent further spread?
Open an interactive chat with Bash
Why is paying ransom to attackers not considered a reliable solution?
Open an interactive chat with Bash
CompTIA Cloud+ CV0-004
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access