Free CompTIA Security+ SY0-701 Practice Question

After a security breach has been contained, an organization must eradicate the threat to prevent further damage. Which of the following actions is the MOST effective way to ensure a sophisticated rootkit is completely removed from a critical server, while maintaining the server's availability for ongoing mission-critical operations?

  • Booting to a known clean recovery environment to conduct rootkit removal.

  • Patching the server with the latest security updates.

  • Powering off the server until a suitable removal method is determined.

  • Updating antivirus signatures and rerunning a full scan.

This question's topic:
CompTIA Security+ SY0-701 / 
Security Operations
Your Score:

Check or uncheck an objective to set which questions you will receive.