CompTIA A+ Core 2 (220-1002) — Question 250

Malware has been identified on a critical system that is currently quarantined. Which of the following should a technician do after the malware symptoms are correctly identified?

Answer options

• A. Educate the power user for that system.
• B. Schedule weekly scans and run routine updates.
• C. Disable System Restore.
• D. Remediate the infected system.

Correct answer: C

Explanation

Disabling System Restore is essential because it can harbor malware, preventing complete removal. While educating users and scheduling scans are valuable practices, they do not directly address the immediate threat posed by the malware. Remediating the infected system is crucial, but it cannot be effectively done if System Restore is still active, as it may restore the malware after cleanup.