You work as the security administrator at Certpaper .com. You must document the procedure for
handling computer virus infections.
Choose the action which you should specify to perform when receiving an e-mail message
warning of the existence of a virus on the system if a specific executable file exists?

A.
First broadcast a message to the all users to alert them of the presence of a virus.

B.
First locate and download a patch to repair the file.

C.
First search for and delete the virus file.

D.
First investigate the e-mail message as a possible hoax with a trusted anti-virus vendor.

Explanation:

If a virus threat is for real, the major anti-virus players like Symantec, McAfee, or Sophos will know
about it before you, and they will have details on their sites.
Incorrect answers:
Searching for and deleting a file is not only a waste of time with today’s OS’s complex directory
systems, but its also ineffective. One can miss a file, the file could be hidden, the wrong file can be
deleted, and worst of all: when you delete a file it doesn’t really get completely deleted, instead it
gets sent to a ‘recycle bin.’
Broadcasting an alert and creating panic isn’t the right thing to do, because it will waste bandwidth,
and perhaps terrorizing the users is the original intent of the attack.
The act of locating and downloading a patch isn’t just time consuming, but there’s a chance that
the patch itself could be the virus, or the process of resetting the computer could activate the virus.