A user calls the help desk saying they cannot log into their Windows 10 workstation because a message claims their files are encrypted and they must pay a ransom. What is the most effective remediation approach?
A company's security policy requires that all USB storage devices be blocked on company workstations to prevent data exfiltration. A manager needs to temporarily use a USB drive for a presentation. What is the best way to remediate this while maintaining security?
A small business owner wants to ensure that if a laptop is stolen, the data on the drive cannot be read. The laptop runs Windows 11 Pro. What is the most appropriate remediation?
A company has a policy that all workstations must automatically lock after 10 minutes of inactivity. A user complains that their computer does not lock automatically. Which setting should you check and remediate?
During a security audit, you find that several employees have been using the same weak password for their domain accounts. Which remediation should you implement first?
A technician is configuring a new Windows 10 workstation for a remote employee who will handle sensitive customer data. Which security feature should be enabled to ensure that if the laptop is lost, the data remains protected?
During a routine check, a technician finds that a user's Windows 10 computer has an outdated antivirus that hasn't updated in 3 months. The user claims they never saw any update prompts. What is the most likely reason and the appropriate remediation?
A customer reports that their computer is running slowly and they see pop-up ads even when no browser is open. They suspect malware. Which of the following should you perform first to remediate this issue?
A user reports that their Windows 10 computer is infected with a virus that keeps reinstalling itself after removal. What should you do to remediate this persistent infection?
A user's computer is infected with adware that changes the browser homepage and displays constant pop-ups. After removing the adware with an antivirus, the homepage remains changed. What additional remediation step should you take?
A company's security policy requires that all workstations use a host-based firewall to block incoming connections except for specific allowed applications. A technician needs to configure this on a Windows 10 PC. Which tool should they use?
A technician discovers that a Windows 10 workstation has been infected with a fileless malware that resides in memory. Traditional antivirus scans have not detected it. Which approach should the technician use to remove this type of malware?
A technician is troubleshooting a Windows 10 PC that was infected with a rootkit. After booting from a rescue disk and running a scan, the rootkit is removed, but the system is still unstable. What should the technician do next to ensure the system is fully remediated?
A user calls the help desk because their workstation is running very slowly and they notice unusual network activity. You suspect ransomware. What should you do first to contain the threat?
A company policy requires that all USB flash drives be encrypted before use. A technician needs to configure a new drive for a manager who will store confidential client data. Which built-in Windows tool should the technician use?
A technician is responding to a security incident where an employee's credentials were used to access a server without authorization. The employee claims they did not perform the action. Which of the following should the technician do first to remediate the compromised account?
A technician is configuring a new Windows 10 workstation for a user who handles sensitive financial data. The company policy mandates that the screen lock after 5 minutes of inactivity and require a password on wake. Which settings should the technician configure?
A small business owner wants to ensure that all company laptops have their hard drives encrypted in case of theft. The laptops run Windows 10 Pro. Which technology should the technician enable to meet this requirement?
A customer reports that their Windows 10 laptop is displaying pop-up ads even when no browser is open. They suspect a malware infection. Which of the following should you do first to remediate this issue?
A user reports that their Windows 10 PC is infected with a virus that keeps reappearing after removal. The technician boots into Safe Mode, runs a full antivirus scan, and removes the threat. However, after rebooting normally, the virus returns. What is the most likely reason?
A user calls the help desk saying their PC suddenly displays a ransom note demanding payment in Bitcoin to unlock their files. They cannot open any documents or images. What is the first action you should take?
During a routine security audit, you find that several workstations have the same local administrator password. The company policy requires unique passwords for each machine. Which tool or method should you use to enforce unique local administrator passwords across the domain?
A company's network was breached, and forensic analysis reveals that an attacker used a pass-the-hash attack to move laterally. Which security measure would most effectively prevent this type of attack in the future?
A security analyst discovers that a user's workstation has been compromised by a rootkit that hides its processes from Task Manager. The rootkit is not detected by the installed antivirus. Which step is most effective for remediation?
A company's security policy mandates that all USB flash drives must be encrypted before use. A user inserts a new USB drive and wants to encrypt it on a Windows 10 Pro workstation. Which built-in tool should be used?
A technician is configuring a new Windows 10 workstation for a remote employee. The employee will use the laptop to access company resources via VPN. Which security setting should be configured to ensure the VPN connection is always used when accessing the internet?
A customer reports that their Windows 10 PC is slow and displays pop-up ads even when no browser is open. They suspect malware. After running a full antivirus scan, the symptoms persist. Which step should you take next to remediate the issue?
A small business owner wants to ensure that all company laptops are protected in case of theft. They need a solution that encrypts the entire hard drive and requires a pre-boot PIN. Which security feature should you implement?
A user reports that their Windows 10 PC is infected with a virus that changes the desktop background to a ransom note. After removing the virus with antivirus software, the desktop background remains unchanged. What should you do to restore the original background?
A user reports that their external hard drive is no longer recognized by Windows. They suspect it might be infected with malware from a previous connection. You run a security scan and find no threats. What is the most likely cause of the drive not being recognized?
More PC Security Issue Remediation questions available in the full practice test.