A technician is removing malware from a workstation. The malware was installed via a phishing attack, which was initiated from a link that was included in an email.
Which of the following should the technician do to address this issue? (Choose two.)
- Ensure the anti-rootkit utility is up to date and run it to remove the threat.
- Update the host firewall to block port 80 on the workstation.
- Restore the system using the last known-good configuration from the recovery console.
- Ensure antivirus is up to date and install the latest patches.
- Educate the user on verifying email links by hovering over them before clicking.
- Ensure endpoint protection is up to date and run the utility to remove the threat.