Learn the correct steps to take when malware keeps reinfecting a computer system, as covered by the CompTIA A+ 220-1102 certification exam. Disconnecting from the network and reimaging are key.
Question
A computer has been infected with malware. Despite several attempts to remove the malware, the issue persists. Which of the following actions should the technician take next? (Choose two.)
A. Reimage the computer.
B. Restore the computer using the last known-good backup.
C. Remove the computer from the network.
D. Put the computer in safe mode.
E. Verify the file consistency.
F. Enable the system firewall.
Answer
A. Reimage the computer.
C. Remove the computer from the network.
Explanation
If malware keeps reinfecting a computer despite multiple removal attempts, the best course of action is to:
- Reimage the computer (reinstall the operating system from scratch). This will completely overwrite the hard drive, eliminating any lingering malware that removal tools may have missed. Reimaging returns the system to a clean, malware-free state.
- Remove the infected computer from the network by disconnecting its Ethernet cable and disabling WiFi. This prevents the malware from spreading to other devices on the network. It also stops the malware from communicating with any command and control servers to reinfect the system.
Antivirus scans and removal tools sometimes fail to completely eliminate stubborn malware infections. In those cases, wiping the hard drive clean by reimaging is the most thorough way to ensure the malware is fully eradicated.
However, before reimaging, it’s critical to isolate the computer by taking it off the network first. Otherwise, the malware could spread and the computer could get reinfected from other compromised devices on the network during or after the reimage process.
The other options (safe mode, verifying file consistency, restoring the last known-good backup, and enabling the firewall) can be helpful troubleshooting steps for some issues, but they aren’t enough on their own to be sure all traces of the malware are gone. That is why a full reimage is needed in this scenario.