Which of the following should the IT administrator do FIRST after recovery?

SY0-501 0 Comments

A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and IT administrator wants to ensure it does not happen again.

Which of the following should the IT administrator do FIRST after recovery?
A . Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.
B . Restrict administrative privileges and patch all systems and applications.
C . Rebuild all workstations and install new antivirus software.
D . Implement application whitelisting and perform user application hardening.

Answer: A

Latest SY0-501 Dumps Valid Version with 1130 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download SY0-501 PDF     SY0-501 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments