A recently installed application update caused a vital application to crash during the middle of the
workday. The application remained down until a previous version could be reinstalled on the server, and
this resulted in a significant loss of data and revenue.
Which of the following could BEST prevent this issue from occurring again?
A.
Application configuration baselines
B.
Application hardening
C.
Application access controls
D.
Application patch management
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating
systems by applying the latest vendor updates. This helps protect a systems from newly discoveredattacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test
system first to ensure that the updates do not have detrimental effects on the system, and, should the
updates have no detrimental effects on the test systems, backing up the production systems before
applying the updates on a production system.
Incorrect Answers:
A: Application configuration baselining is the process of tuning the settings of an application to ensure it
operates at its optimal value while providing security and vulnerability protection.
B: Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the
surface of vulnerability typically includes removing or disabling unnecessary functions and features,
removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and
disabling unnecessary services. Hardening also involves tuning and configuring the native security
features of the installed software, performing patch management.
C: Access control or permissions determines a user’s access to an object, such as a file or folder,
application, and system. It does not prevent system crashed due to application updates.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 231-232, 235
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 215-217, 219, 220