After identifying and isolating a malware infection that compromised several systems within your organization, which of the following actions is the BEST approach to remediation?
Implement compensating controls and conduct user training.
Re-image the affected systems to remove the malware.
Analyze logs to understand the attack pattern and monitor the systems.
Apply security patches and update antivirus software.
Re-imaging the affected systems is the best approach because it ensures that all traces of the malware are completely removed. While remediation through security patches and updating antivirus software is essential, it does not guarantee the complete eradication of the malware. Re-imaging provides a clean slate, eliminating any residual malware code. Implementing compensating controls and conducting user training are beneficial post-reimaging steps to prevent re-infection and strengthen overall security. Analyzing logs is crucial for understanding the attack pattern but does not constitute a remediation step directly.