Microsoft Cybersecurity Architect Expert SC-100
Get started today
Ultimate access to all questions.
Your company aims to enhance its cybersecurity measures by implementing Microsoft Defender for Endpoint to safeguard its resources from ransomware threats. Following the guidelines provided in the Microsoft Security Best Practices, specifically the procedures endorsed by the Microsoft Detection and Response Team (DART), you are tasked with detailing the necessary components to be included in a post-breach response plan for computers that have been compromised. What elements should be incorporated into this plan to effectively respond to ransomware incidents?
Your company aims to enhance its cybersecurity measures by implementing Microsoft Defender for Endpoint to safeguard its resources from ransomware threats. Following the guidelines provided in the Microsoft Security Best Practices, specifically the procedures endorsed by the Microsoft Detection and Response Team (DART), you are tasked with detailing the necessary components to be included in a post-breach response plan for computers that have been compromised. What elements should be incorporated into this plan to effectively respond to ransomware incidents?
Explanation:
The correct answer is D, which is 'machine isolation'. According to Microsoft Security Best Practices and the DART approach, isolating machines that have been compromised helps to contain the attack and prevent it from spreading to other parts of the network. This step is crucial in the post-breach response plan to limit the damage and allow for proper remediation activities to be carried out.