ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

Your organization's ERP vendor has released an out-of-band patch that corrects a critical privilege-escalation flaw currently being exploited in the wild. As the patch-management lead, what is the most appropriate next step to take before deploying the update to production systems, in line with secure patch-management best practices?

  • Postpone deployment until the next quarterly release cycle to maintain the established update schedule and avoid unplanned downtime.

  • Disable the vulnerable ERP module permanently and rely on manual workarounds instead of installing the vendor's patch.

  • Perform comprehensive testing of the patch in a representative staging environment to verify compatibility and security before scheduling a controlled rollout.

  • Apply the patch immediately to all production servers, bypassing the normal change-management process to reduce exposure time.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Deployment, Operations, Maintenance