After deploying an antivirus solution on some network-isolated industrial computers, the service desk team received a trouble ticket about the following message being displayed on the computers’ screens:
Your AV protection has blocked an unknown application while performing suspicious activities. The application was put in quarantine.
Which of the following would be the SAFEST next step to address the issue?
A . Immediately delete the detected file from the quarantine to secure the environment and clear the alert from the antivirus console.
B . Perform a manual antivirus signature update directly from the antivirus vendor’s cloud.
C . Centrally activate a full scan for the entire set of industrial computers, looking for new threats.
D . Check the antivirus vendor’s documentation about the security modules, incompatibilities, and software whitelisting.
Answer: D
Leave a Reply