A computer becomes infected with malware, which manages to steal all credentials stored on the PC. The malware then uses elevated credentials to infect all other PCs at the site. Management asks the IT staff to take action to prevent this from reoccurring. Which of the following would BEST accomplish this goal?
A. Use an antivirus product capable of performing heuristic analysis
B. Use a host-based intrusion detection system on each computer
C. Disallow the password caching of accounts in the administrators group
D. Install a UTM in between PC endpoints to monitor for suspicious traffic
E. Log all failed login attempts to the PCs and report them to a central server
CompTIA A+ 220-1102 (Core 1) ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
Question says “to PREVENT this (malware infections? or using elevated credentials?) from reoccurring”.
C? — Disallow the password caching of accounts in the administrators group (last line of defense)
D? – Unified Threat Management devices provide integrated Intrusion prevention [first line of defense]
Not A – Heuristic analysis is a method employed by many computer antivirus programs designed to DETECT – not PREVENT – previously unknown computer viruses, as well as new variants of viruses already in the “wild.”
The question states “take action to PREVENT this from reoccurring” — PREVENT not DETECT. But doesn’t specify which: the malware or the elevated credentials.
[Question says “to PREVENT this from reoccurring” – doesn’t say to DETECT it]
Not A – the heuristic model was specifically designed to DETECT suspicious characteristics – as well as new variants of viruses already in the “wild”]-
D – Unified Threat Management devices provide integrated Intrusion PREVENTION by blocking the exploit of vulnerabilities.