You are an IT technician at a medium-sized company and you've detected malware on one of the computers within the network. Your company maintains sensitive customer data and it's critical to prevent any further infection or data breach. What is your FIRST course of action to mitigate the threat?
Immediately shut down the computer to prevent any further actions by the malware
Disconnect the computer from the network
Notify all employees about the infection before taking any technical measures
The first step in dealing with a malware infection is to quarantine the affected system to prevent the malware from spreading to other systems on the network or accessing network resources. Disconnecting the computer from the network can be achieved by physically unplugging it from the network or disabling its network connection. Isolation prevents malware from communicating with any command-and-control servers and stops it from spreading laterally across the network.