Free CCFA-200 Actual Exam Questions s - Question 10 Discussion
following prevention policy configurations would best protect against ransomware attacks while
maintaining usability?
B I get the concern about usability, but enabling aggressive mode with Write Deny and script blocking offers the strongest defense. Better safe than sorry with ransomware.
It’s C. Disabling aggressive protection but keeping Write Deny and script blocking could reduce false positives while still stopping ransomware attempts on key folders. Balances protection without aggressive alerts.
Makes sense to avoid aggressive mode since it could interfere with normal workflows. Option A’s balance of standard protection plus script blocking seems like the best bet here. A
It’s A. Aggressive mode with Write Deny might be too strict and hurt usability by blocking legit processes. Standard protection with script blocking still offers solid defense without being overly disruptive.
Option A avoids harsh file blocks, keeping usability while still stopping most ransomware.
B imo makes sense because aggressive protection plus Write Deny really locks down critical folders, and keeping script blocking on helps stop common ransomware delivery methods without breaking too much functionality.
Maybe B. Aggressive protection combined with Write Deny on critical folders sounds solid against ransomware, and script blocking helps cut off attack vectors. A might be too soft since it disables Write Deny, which is important. C doesn’t make sense because it disables aggressive protection but still uses Write Deny and script blocking, so that’s a mixed message. D disables script blocking, which seems like a weird choice if you’re going aggressive on other fronts. So B looks like the best balance to block ransomware without totally messing things up.