After containing an incident that infected user workstations with malware, what are three effective remediation procedures that an organization can take for eradication? (Choose three.)
- Change assigned names and passwords for all devices.
- Update and patch the operating system and installed software of all hosts.
- Rebuild hosts with installation media if no backups are available.
- Rebuild DHCP servers using clean installation media.
- Disconnect or disable all wired and wireless network adapters until the remediation is complete.
- Use clean and recent backups to recover hosts.
Explanation: To recover infected user workstations, use clean and recent backups or rebuild the PCs with installation media if no backups are available or they have been compromised. Also, fully update and patch the operating system and installed software of all hosts. All users are encouraged to change their passwords for the workstation or workstations they use. Rebuilding DHCP servers is needed only if they are affected by the incident.Also not all devices need to change the name and password configuration setting unless they are affected by the incident.
Exam with this question: CCNA SECOPS 210-255 Dumps – Certification Practice Exam Answers
Exam with this question: CyberOps Associate (Version 1.0) - Module 28: Digital Forensics and Incident Analysis and Response Answers
Exam with this question: Cyber Threat Management - 6.6.2 Digital Forensics and Incident Analysis and Response Quiz
Exam with this question: Cyber Threat Management: My Knowledge Check Answers