CompTIA Security Plus Mock Test Q804

A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs. Which of the following should the administrator use to test the patching process quickly and often?

A. Create an incremental backup of an unpatched PC
B. Create an image of a patched PC and replicate it to servers
C. Create a full disk image to restore after each installation
D. Create a virtualized sandbox and utilize snapshots


Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Sandboxing is the process of isolating a system before installing new applications or patches on it so as to restrict the software from being able to cause harm to production systems.
Before the patch is installed, a snapshot of the system should be taken. Snapshots are backups that can be used to quickly recover from poor updates, and errors arising from newly
installed applications.

Incorrect Answers:
A, C: Creating a full disk image or an incremental backup to restore after each installation could prove useful but less efficient than using snapshots.
B: Replicating a patched PC to all servers does not test the patch, and does not ensure quick recoverability should the patch cause the PC to crash.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 203, 204-205
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 208, 250