CERTIFIED-IN-CYBERSECURITY · Question #3
A best practice of patch management is to:
The correct answer is C. Test patches before applying them. Patches sometimes disrupt a system's configurations and stability. One of the main challenges for security professionals is to ensure that patches are deployed as quickly as possible, while simultaneously ensuring the stability of running systems. To prevent flawed patches from n
Question
A best practice of patch management is to:
Options
- AApply patches according to the vendor's reputation
- BApply patches every Wednesday
- CTest patches before applying them
- DApply all patches as quickly as possible
How the community answered
(26 responses)- B8% (2)
- C88% (23)
- D4% (1)
Explanation
Patches sometimes disrupt a system's configurations and stability. One of the main challenges for security professionals is to ensure that patches are deployed as quickly as possible, while simultaneously ensuring the stability of running systems. To prevent flawed patches from negatively affecting running systems, it is good practice to test patches in a designated qualification environment before applying them to production systems (see ISC2 Study Guide, chapter 5, module 2 under Configuration Management Overview). Applying patches as quickly as possible is not a good practice. The vendor's reputation can be useful to know, but is not in itself sufficient to qualify the patch. Applying patches on fixed days also does not guarantee the stability of functioning systems after the patch is applied.
Topics
Community Discussion
No community discussion yet for this question.