After conducting a penetration test, you have identified several critical vulnerabilities due to outdated software on the client's assets. What is the BEST recommendation for remediation to include in the report?
Suggest that all patches should be applied immediately upon release without reviewing for production readiness.
Advise the client to manually apply updates to software when the organization deems it necessary.
Instruct the client to conduct on-demand patch updates in response to reported vulnerabilities.
Recommend implementing an automated patch management system that regularly updates software on all devices.
Regularly scheduled patch management processes are critical for ensuring that systems are kept up to date and protected against known vulnerabilities. By implementing an automated patch management system, an organization can ensure that patches are applied as soon as they become available, reducing the exploitation window for attackers. On-demand patch updates, while important for addressing urgent vulnerabilities, do not provide a consistent and proactive approach to vulnerability management. Having a manual review process prior to applying patches is an important best practice for ensuring compatibility and preventing potential issues, but it is not a substitute for a regularly scheduled patch management strategy. Simply applying patches without a well-defined process could lead to missed patches or inconsistent application, which is why it is not the best recommendation.