CompTIA Security+ (SY0-501) — Question 49

A portable data storage device has been determined to have malicious firmware.
Which of the following is the BEST course of action to ensure data confidentiality?

Answer options

• A. Format the device
• B. Re-image the device
• C. Perform virus scan in the device
• D. Physically destroy the device

Correct answer: C

Explanation

Performing a virus scan on the device (option C) is the best approach because it can identify and potentially remove the malicious firmware while preserving data confidentiality. Formatting the device (option A) would erase data but not address the firmware issue. Re-imaging (option B) may not eliminate the malicious firmware if it's persistent, and physically destroying the device (option D) is an extreme measure that results in total data loss.