During the final stage of a test, modifications were made to security parameters, including firewall rules and registry entries. The team needs to return the system to its previous state with the least risk of incomplete reversion. Which approach is the best for returning this system to its prior state?
Disable any new user accounts introduced and stop the services they created
Uninstall the tools used during the test and leave network configuration updates in place
Re-image the system from a backup that was created before any testing was conducted
Manually remove the changes listed in the firewall logs and then rebuild the registry entries
Re-imaging from a known snapshot taken prior to the test sets the system back to its exact configuration before any changes were introduced. It addresses both manual updates and any inadvertent modifications that might have gone unrecorded, and it avoids the need to track down each change. Other approaches rely significantly on documentation and memory, which increases the chance of leaving some modifications in place.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does re-imaging a system mean?
Open an interactive chat with Bash
Why is re-imaging considered less risky than manually reverting changes?
Open an interactive chat with Bash
What is a system snapshot, and how is it used in re-imaging?