Palo Alto Networks Security Operations Professional — Question 12
Which solution will minimize mean time to resolution (MTTR) when, as a result of previous malware infection, a company’s Windows endpoint is suffering a small amount of file corruption and modified registry keys?
Answer options
- A. Issue a new laptop from the help desk to expedite a clean system.
- B. Use Live Terminal to connect to the machine and upload files to replace the corrupted files.
- C. Use group policy objects to push new files and registry key changes to the endpoint.
- D. Use remediation suggestions to restore the affected files and registry modifications.
Correct answer: D
Explanation
D is correct: remediation suggestions are designed specifically to address the issues caused by the malware, restoring the affected files and registry modifications, which makes them the most efficient way to resolve the situation. Option A provides a clean system but does not address the immediate problem of file corruption and modified registry keys. Option B involves manual intervention that may not be as swift, and Option C may not effectively resolve the corruption if files are already compromised.