You discover that your computing system has been infected by a piece of malicious code. You have no idea when the infection occurred. You do have backups performed every week since the system was put into operation but, of course, there have been numerous changes to the system over time. How could you use the backups to construct a "clean" version of your system?
What will be an ideal response?
Impossible
way:
Start
from
the
beginning
and
rebuild
from
first
backup,
applying
all
changes
in
order.
Potentially
feasible:
Compare
files
of
original
backup
with
current
files.
Try
to
account
for
differences
(new
files,
changed
file
sizes).
Review
all
backups
to
determine
when
each
file
was
changed
or
created.
Note,
this
is
also
a
very
difficult
task.
If
the
infection
can
be
made
to
manifest
itself
(that
is,
if
there
is
a
test
that
will
show
the
effect
of
the
infection),
start
with
backup
1,
test,
apply
backup
2,
test,
…
continue
until
test
shows
infection.
Note
that
none
of
these
approaches
are
"easy."
You might also like to view...
One of the most effective ways of increasing computer performance is to increase the size of virtual memory
Indicate whether the statement is true or false
What is Relative positioning?
What will be an ideal response?