220-1102 Practice Question: A technician removes a ransomware popup from a…

Answer choices

Why each option matters

Good practice is not just finding the correct option. The wrong answers often show the exact trap the exam wants you to fall into.

Answer analysis

Why the other options are wrong

Understanding why incorrect options are tempting is as important as knowing the correct answer.

• ✗

  Reinstall the operating system

  Reinstalling is excessive; the malware has been removed; residual changes can be fixed more simply.

• ✗

  Restore the system from a recent backup

  Restoring from backup could reintroduce the malware and may cause loss of recent data.

• ✗

  Disable the network adapter

  Disabling networking would prevent the malware from communicating but does not fix the browser hijack.

Technical deep dive

How to think about this question

The scenario describes a common post-malware cleanup task where the primary threat has been neutralized, but its lingering effects, often referred to as 'Potentially Unwanted Programs' (PUPs) or browser hijackers, remain. Resetting browser settings and removing unwanted extensions is the most direct and appropriate next step because these actions specifically target the symptoms described: a changed homepage and unwanted extensions. Modern web browsers include built-in features to reset their configuration to default, effectively undoing changes made by malware or PUPs, such as altering the default search engine, homepage, or installing malicious extensions. This process is non-destructive to user data outside the browser and is a standard procedure for restoring browser integrity after an infection. This approach is efficient because it addresses the problem precisely without resorting to more drastic measures. Reinstalling the operating system, while effective for a complete system cleanse, is overkill here since the core malware has already been removed and only browser-specific issues persist. Restoring from a backup is also problematic; if the backup predates the infection, it could reintroduce the malware, or if it's too recent, it might still contain the browser hijack. Disabling the network adapter, while useful during initial malware removal to prevent communication, does nothing to fix the local browser configuration issues once the threat is contained. The technician's goal is to restore normal functionality with the least amount of disruption, making targeted browser cleanup the logical progression.

More questions from this exam

Keep practising from the same exam bank, or move into a focused topic page if this question exposed a weak area.

FAQ

Questions learners often ask

Keep practising

More 220-1102 practice questions

• →A change advisory board (CAB) approved a standard change to update antivirus definitions on all servers. The technician…
• →A company's change management policy requires all server changes to be approved by the Change Advisory Board (CAB). A te…
• →A company is implementing a bring-your-own-device (BYOD) policy and needs to ensure that corporate data on employee mobi…
• →A company requires employees to present both a smart card and a PIN to log into their workstations. Which authentication…
• →A company requires all Windows 10 workstations to be able to join an Active Directory domain. Which edition of Windows 1…
• →A company wants to allow employees to securely access internal resources from home via the internet. Which method provid…