PrepAway - Latest Free Exam Questions & Answers

Which of the following actions would BEST interrupt the…

A security administrator is having continued issues with malware variants infecting systems infecting systems and encrypting several types of files. The malware
uses a document macro to create a randomly named executable that downloads the encrypted payload of the malware. Once downloaded, the malware searches
all drives, creates and HTML file with the decryption instructions in the directory, and then proceeds to encrypt the target files. Which of the following actions would
BEST interrupt the malware before it encrypts other files while minimizing the adverse impacts to the users?

PrepAway - Latest Free Exam Questions & Answers

A.
Block execution of documents with macros

B.
Block addition of documents with macros

C.
Block the creation of the HTML of the HTML document on the local system

D.
Block running external files from within documents.


Leave a Reply