The help desk informed a security analyst of a trend that is beginning to develop regarding a suspicious email that has been reported by multiple users.
The analyst has determined the email includes an attachment named invoice.zip that contains the following files:
– Locky.js
– xerty.ini
– xerty.lib
Further analysis indicates that when the .zip file is opened, it is installing a new version of ransomware on the devices.
Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices?
A . Disable access to the company VP
C . Move the files from the NAS to a cloud-based storage solution.
D . Set permissions on file shares to read-only.
E . Add the URL included in the .js file to the company’s web proxy filter.
Answer: D
Leave a Reply