CompTIA A+ Core 2 (220-1002) — Question 352

A technician receives the Chief Executive Officer's (CEO's) Windows 10 laptop, which has been infected with malware. The technician wants to make sure best practices are followed for troubleshooting and remediating the malware. Which of the following best practices should the technician perform FIRST in this scenario? (Choose three.)

Answer options

• A. Disconnect the device from the network
• B. Identify and research the symptoms
• C. Restore the computer to the previous checkpoint
• D. Scan and use removal techniques
• E. Create a restore point
• F. Educate the end user
• G. Schedule scans and run updates

Correct answer: A, B, D

Explanation

The correct initial steps involve disconnecting the device from the network to prevent the malware from spreading, identifying and researching symptoms to understand the infection, and scanning to remove the malware. Restoring to a previous checkpoint may not address the current infection, creating a restore point is not a direct response to the current issue, and educating the end user, while important, is not a priority in the immediate remediation process.