Which of the following should the IT administrator do FIRST after recovery?

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again.

Which of the following should the IT administrator do FIRST after recovery?
A . Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis
B . Restrict administrative privileges and patch ail systems and applications.
C . Rebuild all workstations and install new antivirus software
D . Implement application whitelisting and perform user application hardening

Answer: A

Latest SY0-601 Dumps Valid Version with 265 Q&As

Latest And Valid Q&A | 90 Days Free Update | Once Fail, Full Refund

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>