300-910 · Question #50
300-910 Question #50: Real Exam Question with Answer & Explanation
The correct answer is D: Apply all the latest patches and updates. To prevent new security threats after a system exploit, the most crucial action is to consistently apply all the latest patches and updates to address known vulnerabilities.
Question
An application for storing and categorizing has been developed. The application uses dual-factor authentication for user access. After authentication, users can upload sensitive data. The application has been hacked through system exploits and most of the saved data has been lost. Which action prevents new security threats in the environment?
Options
- AUse self-developed algorithms for encryption
- BInstall virtual firewalls
- CActively change the ISP provider
- DApply all the latest patches and updates
Explanation
To prevent new security threats after a system exploit, the most crucial action is to consistently apply all the latest patches and updates to address known vulnerabilities.
Common mistakes.
- A. Using self-developed algorithms for encryption is a highly discouraged security practice, as custom cryptography is often insecure and introduces more vulnerabilities than it solves.
- B. While installing virtual firewalls is part of a good security posture to control network traffic, they primarily prevent unauthorized access attempts rather than directly addressing internal system exploits caused by unpatched software.
- C. Changing the ISP provider has no direct impact on preventing 'system exploits' against an application or server, as these exploits target vulnerabilities within the system itself, not the network connectivity provider.
Concept tested. Vulnerability management and patching
Reference. https://www.cisa.gov/resources-tools/resources/cybersecurity-best-practices-guide/patch-management
Topics
Community Discussion
No community discussion yet for this question.