CompTIA Server+ SK0-005 Practice Question
During the weekly patch cycle, users suddenly cannot map drives to a Windows Server 2019 file server. In the endpoint-protection console the administrator sees that the server's anti-malware agent quarantined srvsvc.dll and netlogon.dll immediately after the latest definition update, classifying them as "suspicious behavior." A manual hash comparison against Microsoft's installation media confirms the files are pristine, and threat-intelligence feeds show no malicious activity associated with those hashes. What should the administrator do first to restore file-sharing service while keeping the server protected?
Restore the quarantined DLLs from backup (or quarantine) and create a temporary exclusion for their folder so the services can start.
Submit the DLLs to the vendor for re-analysis and wait for updated signatures before taking any corrective action.
Disable real-time malware protection on the file server until the vendor releases updated signatures.
Uninstall the anti-malware agent from the file server and reboot to reload the original DLLs.