A help desk technician is troubleshooting a workstation in a SOHO environment that is running above its normal system baseline. The technician discovers an unknown executable with a random string name running on the system. The technician terminates the process, and the system returns to normal operation. The technician thinks the issue was an infected file, but the antivirus is not detecting a threat. The technician is concerned that other machines may be infected with this unknown virus.
Which of the following is the MOST effective way to check other machines on the network for this unknown threat?
A. Run a startup script that removes files by name.
B. Provide a sample to the antivirus vendor.
C. Manually check each machine.
D. Monitor outbound network traffic.
Answer: B
Explanation:
A. Run a startup script that removes files by name – This only works if the same file is present on the other machines under exactly the same name. The name here is a random string, so copies on other machines may already carry different names, and the script would also delete any legitimate file that happened to share the name. Matching on file name identifies nothing reliably and removes nothing safely.
B. Provide a sample to the antivirus vendor – Submitting the file lets the vendor analyze it and, if it is malicious, release a signature. Once that signature is pushed to every endpoint, the existing antivirus deployment checks all machines on its next scan without the technician touching each one, and it keeps detecting the threat afterward. The technician should keep the sample quarantined rather than run it again, and should record its hash, path and the time it was seen, because those are the details the vendor and any later investigation will need. This is the most effective and efficient way to check the other machines.
C. Manually check each machine – This is time-consuming and error-prone, even in a small SOHO network, and without a signature the technician has no reliable way to tell a renamed copy of the file from a legitimate program. It also does nothing to prevent future infections.
D. Monitor outbound network traffic – This could reveal machines that are infected with malware that communicates over the network, but it would not identify every infected machine: the malware may not communicate at all, may only beacon occasionally, or may blend in with normal encrypted web traffic so that nothing stands out.
Therefore, the most effective way to check other machines on the network for this unknown threat is to provide a sample to the antivirus vendor.
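The explanation of option A hinges on one point: an unknown executable has to be identified by its contents, not its name. The script below is an added example (not part of the exam item or its answer key) showing what a technician can do while waiting for the vendor signature from option B: record the SHA-256 of the kept sample and sweep a file tree for that hash, then compare with a name-only match. The sample bytes, the file names and the three "machine" folders are constructed for the demo; a real sweep would run the same logic against each workstation's drives through whatever remote administration tool the environment already has.

```python
"""Hash-based sweep for a suspicious executable (added example, not the page's
own material). Assumes the technician kept a copy of the unknown file. The
sample bytes, file names and directory layout below are constructed."""
import hashlib
import tempfile
from pathlib import Path

CHUNK = 1 << 20  # read files in 1 MiB pieces so large binaries are not loaded whole

# Constructed stand-in for the suspicious executable (NOT real malware).
SAMPLE_BYTES = b"MZ\x90\x00" + b"constructed-suspicious-executable-body" * 8
SAMPLE_NAME = "xk3j9fq2.exe"  # random-looking name, as in the scenario


def sha256_file(path: Path) -> str:
    """Return the hex SHA-256 of a file, streaming it in chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def find_by_name(root: Path, name: str) -> list[Path]:
    """Option A's logic: match on the file name only (case-insensitive)."""
    return sorted(p for p in root.rglob("*")
                  if p.is_file() and p.name.lower() == name.lower())


def find_by_hash(root: Path, digest: str, size: int) -> list[Path]:
    """Match on content. The size check skips hashing files that cannot match;
    a renamed copy still hits, a same-named benign file does not."""
    hits = []
    for p in root.rglob("*"):
        if p.is_file() and p.stat().st_size == size and sha256_file(p) == digest:
            hits.append(p)
    return sorted(hits)


def build_demo_tree() -> tuple[Path, str]:
    """Constructed stand-in for 'other machines': three folders under a temp dir.
    Returns the root and the SHA-256 of the kept sample."""
    root = Path(tempfile.mkdtemp(prefix="sweep_demo_"))
    layout = {
        "pc1/Users/Public/xk3j9fq2.exe": SAMPLE_BYTES,        # original infection
        "pc2/ProgramData/upd/qz7wmn1a.exe": SAMPLE_BYTES,     # same binary, new random name
        "pc3/Temp/xk3j9fq2.exe": b"benign installer with a coincidental name",  # name collision
        "pc3/Users/alice/notes.txt": b"just a text file",
    }
    for rel, data in layout.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(data)
    return root, hashlib.sha256(SAMPLE_BYTES).hexdigest()


def sweep(root: Path, digest: str) -> dict[str, list[str]]:
    """Run both strategies over the tree; paths are returned relative to root."""
    return {
        "by_name": [p.relative_to(root).as_posix()
                    for p in find_by_name(root, SAMPLE_NAME)],
        "by_hash": [p.relative_to(root).as_posix()
                    for p in find_by_hash(root, digest, len(SAMPLE_BYTES))],
    }


if __name__ == "__main__":
    demo_root, sample_digest = build_demo_tree()
    print("sample sha256:", sample_digest)
    for strategy, paths in sweep(demo_root, sample_digest).items():
        print(f"{strategy}: {paths}")
```

The name match reports the benign file on pc3 and misses the renamed copy on pc2; the hash match finds exactly the two real copies. The same hash is worth including in the submission to the antivirus vendor. The sweep is still only a stopgap: a sample that rewrites itself on each copy has a different hash on every machine, which is exactly why a vendor-analyzed signature is the answer the question is looking for.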