Comprehensive and Detailed Step-by-Step Explanation:
Recovering from ransomware requires backups that are unaffected by the ransomware attack. Here's why offline backups are most effective:
A. Online backup: These are connected to the network and may also be compromised during an attack.
B. Incremental backup: While efficient, incremental backups rely on previous backups and are typically stored online, making them vulnerable to ransomware.
C. Differential backup: Similar to incremental backups, these are not immune if stored online or on compromised systems.
D. Offline backup: This is the BEST choice as offline backups are stored in a location that is not connected to the network, preventing ransomware from encrypting them.
[Reference: CISM Job Practice Area 4 (Information Security Incident Management) includes guidance on establishing robust backup strategies for recovery., , , , , , , , ]
Submit