3.3 Flashcards
What is the first best practice procedure for malware removal?
Identify and research malware symptoms
What is the second best practice procedure for malware removal?
Quarantine the infected systems
What is the third best practice procedure for malware removal?
Disable System Restore (in Windows)
What is the fourth best practice procedure for malware removal?
Remediate the infected systems
What is the fifth best practice procedure for malware removal?
Schedule scans and run updates
What is the sixth best practice procedure for malware removal?
Enable System Restore and create a restore point
What is the seventh best practice procedure for malware removal?
Educate the end user
When attempting to quarantine an infected system, what is the first step you should take?
Disconnect it from the network and isolate all removable media.
Why do we disable System Restore in step 3?
Because malware infects restore points, making them unusable.
How do you delete all of your previous restore points?
Under restore settings, select the “disable system protection” option.
Why do we delete all of the previous restore points?
To prevent an accidental restoration which would reintroduce the malware.
What is involved with remediating the infected systems?
Updating AV/AM signatures and making sure they’re automatically being updated for the future.
You try downloading an AV/AM utility to your infected computer, but the malware prevents you. How do you go about getting AV/AM software?
Download it on a clean computer and then copy it over to the infected one.
After moving AV/AM software from a clean computer to the infected one, what should you do with the removable media you used for the transfer?
Get rid of it.