3.3 - Removing Malware Flashcards

1
Q
Malware removal
A
  • This is almost never the best practice
    – It’s impossible to know if all of the malware has been removed
  • Ideally, you should delete everything and start over
    – Restore from a known-good backup
    – Install from the original media
  • There are reasons to remediate
    – Important user documents may need to be recovered
    – Get the system running well enough to back up certain files
2
Q
1. Verify malware symptoms
A
  • Odd error messages
    – Application failures, security alerts
  • System performance issues
    – Slow boot, slow applications
  • Research the malware
    – Know what you’re dealing with
3
Q
2. Quarantine infected systems
A
  • Disconnect from the network
    – Keep it contained
  • Isolate all removable media
    – Everything should be contained
  • Prevent the spread
    – Don’t transfer files, don’t try to back up
    – That ship sailed
4
Q
3. Disable System Restore
A
  • Restore points make it easy to rewind
    – Malware infects restore points
  • Disable System Protection
    – No reason to save an infected config
  • Delete all restore points
    – Remove all infection locations
5
Q
4a. Remediate: Update anti-virus
A
  • Signature and engine updates
    – The active anti-virus engine
    – Signature updates
    – A very, very tiny shelf life
  • Automatic vs. manual
    – Manual updates are almost pointless
  • Your malware may prevent the update process
    – Copy from another computer
6
Q
4b. Remediate: Scan and remove
A
  • Microsoft and others
    – The big anti-virus apps
  • Malware-specific tools
    – Scan and remove difficult malware
  • Stand-alone removal apps
    – Check with your anti-virus company
  • There’s really no way to know if it’s really gone
    – Delete and rebuild
  • Safe mode
    – Load the bare minimum operating system
    – Just enough to get the OS running
    – Can also prevent the bad stuff from running
  • Pre-installation environment (WinPE)
    – Recovery Console, bootable CD/DVDs/USBs
    – Build your own from the Windows Assessment and Deployment Kit (ADK)
  • May require the repair of boot records and sectors
7
Q
5. Schedule scans and run updates
A
  • Built into the antivirus software
    – Automated signature updates and scans
  • Task scheduler
    – Run any task
  • Operating system updates
    – Make sure it’s enabled and working properly
8
Q
6. Enable System Protection
A
  • Now you’re clean
    – Put things as they were
  • Create a restore point
    – Start populating again
9
Q
7. Educate the end user
A
  • One on one
    – Personal training
  • Posters and signs
    – High visibility
  • Message board posting
    – The real kind
  • Login message
    – These become invisible
  • Intranet page
    – Always available