
12.13 Security Troubleshooting

Your antimalware software has detected a virus on your Windows 10 system. However, the
antimalware software is unable to remove it, and when you try to delete the files, you can’t
because they are in use.
What should you try first?
Boot into Safe Mode and try removing the malware

A user reports that his machine will no longer boot properly. After asking several questions to
determine the problem, you suspect the user unknowingly downloaded malware from the
Internet, and that the malware corrupted the boot block.
Based on your suspicions, what actions could you take to correct the problem? (Select two.)
Reimage the machine.

Boot from the Windows 7 installation DVD and use the Recovery Environment to run a startup repair.

A user reports that her machine is behaving erratically. She suspects something is wrong
because lately a firewall alert keeps indicating programs are trying to access the Internet, and
several files have disappeared or have been renamed. What do you suspect is causing these
problems?
Malware infection

You discover that a system on your network has been infected with a worm. What is the best
way to prevent the spread of the worm to other systems while you work on removing the worm?
Quarantine the computer

You have installed antimalware software on computers at your business. Within a few days,
however, you notice that one computer has a virus. When you question the user, she says she
did install some software a few days ago, but it was supposed to be a file compression utility.
She admits she did not scan the file before running it.
What should you add to your security measures to help prevent this from happening again?
Use awareness training

Which of the following is the process of fixing problems detected by antivirus software so that
the computer is restored to its original state?
Remediation

While browsing the Internet, a popup browser window is displayed warning you that your
system is infected with a virus. You are directed to click a link to remove the virus.
What should you do? (Select two.)
Run a full system scan using the antimalware software installed on your system.

Update the virus definitions for your locally installed antimalware software

Which techniques are used in a pharming attack to redirect legitimate web traffic to malicious
websites? (Select two.)
Changing the hosts file of a user’s computer

Exploiting DHCP servers to deliver the IP address of poisoned DNS servers

Which of the following are likely symptoms of malware infection? (Select two.)
Changed file permissions

Renamed system files

A user reports that his machine will no longer boot properly. After asking several questions to
determine the problem, you suspect the user unknowingly downloaded malware from the
Internet, and that the malware has infected the system.
Based on your suspicions, what actions could you take to correct the problem? (Select two.)
Revert the system to a restore point created before the malware infection occurred.

Use an antimalware scanner to scan for and remove the infection

A user within your organization received an email relating how an account containing a large sum of money has been frozen by the government of a small Middle Eastern nation. The user was offered a 25% share of this account if she would help the sender transfer it to a bank in the United States. The user responded and was instructed to wire $5,000 to the sender to facilitate the transfer. She complied, but has not heard from the sender since.
What type of attack occurred in this scenario?
Nigerian 419 scam

Which of the following describes a Man-in-the-Middle attack?
An attacker intercepts communications between two network hosts by impersonating each host.

A router on the border of your network receives a packet with a source address that shows it
originating from a client on the internal network. However, the packet was received on the
router’s external interface, which means it originated somewhere on the Internet.
What form of attack has occurred in this scenario?
Spoofing

The TCP/IP session state between two computers on a network is being manipulated by an attacker such that she is able to insert tampered packets into the communication stream.
What type of attack has occurred in this scenario?
Hijacking
