A company’s help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the break room only have 512KB of storage.
Which of the following is MOST likely the cause?
A . The GPO prevents the use of flash drives, which triggers a false positive AV indication and restricts the drives to only 512KB of storage.
B . The new flash drives need a driver that is being blocked by the AV software because the flash drives are not on the application’s allow list, temporarily restricting the drives to 512KB of storage.
C . The new flash drives are incorrectly partitioned, and the systems are automatically trying to use an unapproved application to repartition the drives.
D . The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to harvest plaintext credentials from memory.
Answer: D
Latest SY0-601 Dumps Valid Version with 396 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund