CompTIA Security Plus Mock Test Q661

A system administrator has noticed vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability?

A. Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes
B. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes
C. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes
D. Backup the server, schedule downtime to install the patch, installs the patch and monitor for any changes

Correct Answer: C
Section: Threats and Vulnerabilities

Explanation:
We have an update to apply to fix the vulnerability. The update should be tested first in a lab environment, not on the production server to ensure it doesn’t cause any other problems
with the server. After testing the update, we should backup the server to enable us to roll back any changes in the event of any unforeseen problems with the update. The question
states that the server will require a reboot. This will result in downtime so you should schedule the downtime before installing the patch. After installing the update, you should monitor
the server to ensure it is functioning correctly.

Incorrect Answers:
A: This answer is almost complete but is omits the step of backing up the server. We should backup the server to enable us to roll back any changes in the event of any unforeseen
problems with the update.
B: This answer is almost complete but is omits the step of rebooting the server. The question states that the update requires a reboot of the server.
D: This answer omits the important step of testing the update. Updates should always be testing in a lab environment before being deployed to productions servers.