Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?

A.
Updating the firewall configuration to include the patches

B.
Running a NIDS report to list the remaining vulnerabilities

C.
Auditing for the successful application of the patches

D.
Backing up the patch file executables to a network share