Comprehensive and Detailed Explanation From Exact Extract:
Once a malware incident has been confirmed, the immediate next step is to contain the threat. Quarantining infected systems prevents the malware from spreading to other devices and isolates the malicious code for further analysis or remediation.
B. Educating end users is important but occurs later in the incident response process.
C. Disabling System Restore is part of cleanup, not containment.
D. Updating and scanning should occur after the system is quarantined to prevent further infection or spread.
[Reference:, CompTIA A+ 220-1102 Objective 2.5: Given a scenario, detect, remove, and prevent malware using appropriate tools and methods., Study Guide Section: Malware removal best practices — Step 2: Quarantine the infected system, ===========================, ]
Submit