A security administrator wants to implement a system that will allow the organization to quickly and securely recover from a computer breach. The security
administrator notices that the majority of malware infections are caused by zero-day armored viruses and rootkits. Which of the following solutions should the
system administrator implement?

A. Install an antivirus solution that provides HIPS capabilities.
B. Implement a thick-client model with local snapshots.
C. Deploy an enterprise patch management system.
D. Enable the host-based firewall and remove users’ administrative rights.

In my opinion B. The server provides the thick client with programs and files that are not stored on the local machine’s hard drive. By restoring a previous image, an organization recovers quickly and securely from a computer breach.
1
0
2 points: the question is asking about “quickly and securely recovery” from a breach. Antivirus/HIPS don’t help with recovery. Secondly, if it’s “zero-day armored viruses”, wouldn’t that mean antivirus/HIPS would not be able to detect it? For “quickly and securely recovery”, option B would be most appropriate.
0
0
You can reduce the risk to your network by using a minimum of applications. … in your software and operating systems, strengthening your resistance to malware. …
0
1
Yes, but the question is asking for quick and secure recovery. With thick client and snapshots, it can recover from the breach quite easily and efficiently.
0
1
Key word “IMPLEMENT”
Implement ‘A’ as a first layer of defense
0
1
How can you quickly recover from this answer?
Install an antivirus solution that provides HIPS capabilities.
0
1