A corporate network was recently infected by a malicious application on a flash drive that downloaded sensitive company files and injected a virus, which spread onto the network. Which of the following best practices could have prevented the attack?
A. Implementing strong passwords
B. Changing default credentials
C. Disabling AutoRun
D. Removing Guest account
E. Encrypting data
CompTIA A+ 220-1102 (Core 1) ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
C. Disabling AutoRun – the “malicious application” started automatically via AutoRun. But somebody had to be logged in at the time else the AutoRun would not execute. But if AutoRun is disabled, it doesn’t matter who is logged in – because the malicious program on the flash drive could not run.
So NOT A or B or D: all account access precautions. Too late. The account was already in session when the culprit inserted the flash drive, else it wouldn’t have been able to run the malicious program.