CompTIA Security Plus Mock Test Q754

A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks?

A. Application hardening
B. Application change management
C. Application patch management
D. Application firewall review

Correct Answer: C
Section: Application, Data and Host Security

The question states that operating system updates are applied but not other software updates. The ‘other software’ in this case would be applications. Software updates include functionality updates and, more importantly, security updates. The process of applying software updates or ‘patches’ to applications is known as ‘application patch management’. Application patch management is an effective way of mitigating security risks associated with software applications.

Incorrect Answers:
A: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services.
B: Application change management is the process of managing any changes to an application. It can include updating an application by applying patches, but it also commonly includes making any configuration change in the application.
D: Application firewall review is the process of reviewing the configuration of a software-based firewall. The configuration under review is typically who can access the system and from where the system can be accessed. It does not include the installation of application patches.

Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 215-217