A user's PC is performing slowly after the user clicked on a suspicious email attachment. The technician notices that a single process is taking 100% of RAM, CPU, and network resources. Which of the following should the technician do first?
A.
Disconnect the computer from the network
B.
Run an antivirus scan
C.
Reboot the computer
D.
Educate the user about cybersecurity best practices
The technician should disconnect the computer from the network (Option A) first to prevent any further spread of the infection or data loss. Once the machine is isolated from the network, the technician can safely investigate the malware without risking infection to other systems.
Running an antivirus scan (Option B) comes after isolating the system.
Rebooting the computer (Option C) could lead to the loss of critical information or make it harder to diagnose the issue.
Educating the user (Option D) is important but should happen after resolving the immediate issue.
CompTIA A+ Core 2 References:
3.3 - Best practices for malware removal, including isolating the system first.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit