A consultant discovers leftover infiltration programs on a target machine near the conclusion of a test. Which measure best addresses their removal so they are prevented from being reused by unauthorized individuals?
Eliminate the discovered programs from the system, and also remove their references in scheduled routines and run locations
Archive the discovered programs in a password-protected container on the same machine for later analysis
Isolate the system and wait for the programs to cease operation, then activate the network connection afterwards
Rename the uncovered programs, store them under an unlisted system folder, and close the session
Wiping remnants of infiltration programs and checking for related entries ensures no unexpected services or tasks reference them later. Placing them in hidden directories, moving them offline, or saving them for internal use can leave them accessible. Securely removing them along with scheduled references disallows unintended reuse.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to remove references to infiltration programs in scheduled routines?
Open an interactive chat with Bash
What are common locations where malicious programs might leave references for persistence?
Open an interactive chat with Bash
Why is securely removing infiltration programs preferred over archiving them for analysis?