A technician is troubleshooting a computer that has been infected with ransomware. The ransomware encrypted files and left a note demanding payment. After removing the malware, what is the most important step to prevent future infections?
Backups mitigate data loss, and user education reduces the likelihood of future infections.
Why this answer
Ransomware often enters via email attachments or malicious downloads. User education on safe browsing and email practices is critical to prevention. This tests understanding of the human factor in security and the limitations of technical controls alone.