CompTIA A+ Core 2 (220-1002) — Question 24

A user reports malware activity on an isolated workstation used for testing. It is running an end-of-life OS, and a USB drive is the only method used to transfer files. After removing the malware and replacing the USB drive with a brand new one, the technician gives the approval to use the equipment. The next day the user reports the same malware activity is present after powering on the system.
Which of the following did the technician forget to do to prevent reinfection?

Answer options

• A. Connect to the network and update the OS with the latest security patches
• B. Scan and clean the USB device used to transfer data from the equipment
• C. Disable System restore and remove all restore points from the system
• D. Update the local antivirus and set it to scan automatically every evening

Correct answer: D

Explanation

The correct answer is D because updating the local antivirus and setting it to scan regularly helps to detect and eliminate any potential malware that could reinfect the system. Options A and C do not address the immediate threat of malware from the USB drive, while option B does not cover the fact that the system's antivirus needs to be current to effectively combat reinfection.