nerdexam
CompTIA

CAS-003 · Question #23

A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which of the following sho

The correct answer is C. Patch management. Patch management is the correct process to update outdated endpoint security software on mobile devices so they meet the company security policy and regain compliant network access.

Enterprise Security Operations

Question

A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which of the following should be performed to ensure the users can access the network and meet the company's security requirements?

Options

  • AVulnerability assessment
  • BRisk assessment
  • CPatch management
  • DDevice quarantine
  • EIncident management

How the community answered

(63 responses)
  • A
    3% (2)
  • C
    95% (60)
  • E
    2% (1)

Why each option

Patch management is the correct process to update outdated endpoint security software on mobile devices so they meet the company security policy and regain compliant network access.

AVulnerability assessment

A vulnerability assessment scans and catalogs weaknesses but does not deploy fixes; the deficiency has already been identified as outdated security software, so running another assessment does not remediate the problem.

BRisk assessment

A risk assessment evaluates the probability and impact of threats and informs decision-making but produces no remediation action; the organization already knows the risk and needs the software updated, not re-evaluated.

CPatch managementCorrect

Patch management covers the systematic deployment of software updates to endpoints to bring them in line with defined security baselines - applying the missing endpoint security software updates directly remediates the version deficiency identified and returns the devices to a policy-compliant state required for network access.

DDevice quarantine

Device quarantine isolates non-compliant endpoints from the network to limit exposure but does not update or fix the outdated software; quarantine may be a temporary enforcement step but cannot substitute for the actual remediation.

EIncident management

Incident management applies the incident response lifecycle to active security events; outdated security software is a compliance gap requiring remediation, not an active incident that warrants declaration, containment, and post-incident review.

Concept tested: Patch management for mobile endpoint policy compliance

Source: https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started

Topics

#patch management#endpoint security#MDM compliance#mobile device policy

Community Discussion

No community discussion yet for this question.

Full CAS-003 Practice