During ransomware containment, why is it important that backups be offline?


Multiple Choice

During ransomware containment, why is it important that backups be offline?

Explanation:
During ransomware containment, backups must be offline so that the attack cannot reach them. Keeping backups disconnected from the network, or stored on removable media that isn’t mounted, means the malware cannot encrypt or tamper with them. This air-gapped setup preserves clean restore points, allowing you to recover systems from a known good state after the incident. Testing and verification of those backups should still be done, but the core protection during containment is that offline backups are immune to the encryption the ransomware is carrying out.

The other options don’t fit the scenario: offline status doesn’t inherently speed up backup; making backups always online would expose them to encryption; and the idea of keeping backups from testing isn’t relevant to safeguarding recoverability during an attack.

