The help desk informed a security analyst of a trend that is beginning to devel

op regarding a suspicious email that has been reported by multiple users. The analyst has determined the email includes an attachment named invoice.zip that contains the following files:

Locky.js

xerty.ini

xerty.lib

Further analysis indicates that when

the .zip file is opened, it is installing a new version of ransomware on the devices. Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices?

A. Disable access to the company VPN.

B. Email e

mployees instructing them not to open the invoice attachment.

C. Set permissions on file shares to read-only.

D. Add the URL included in the .js file to the company-s web proxy filter.

Explanation: