CompTIA Security Plus Mock Test Q756

An administrator finds that non-production servers are being frequently compromised, production servers are rebooting at unplanned times and kernel versions are several releases behind the version with all current security fixes. Which of the following should the administrator implement?


A.
Snapshots
B. Sandboxing
C. Patch management
D. Intrusion detection system


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems
from newly discovered attacks and vulnerabilities.

Incorrect Answers:
A: Snapshots are backups of virtual machines that can be used to quickly recover from errors or poor updates. It does not ensure that the latest kernel version with all current security
fixes is installed on the system.
B: Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential malware that may be embedded in the new application from
being able to cause harm to production systems. It does not ensure that the latest kernel version with all current security fixes is installed on the system.
D: An intrusion detection system (IDS) is an automated system that detects intrusions or security policy violations on networks or host systems. It does not ensure that the latest kernel
version with all current security fixes is installed on the system.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 204-205, 220
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 21, 231-232, 249, 250