A network administrator is responsible for securing applications against external attacks. Every month, the
underlying operating system is updated. There is no process in place for other software updates.
Which of the following processes could MOST effectively mitigate these risks?
Application change management
Application patch management
Application firewall review
The question states that operating system updates are applied but other software updates don’t.
The ‘other software’ in this case would be applications. Software updates includes functionality updates and
more importantly security updates. The process of applying software updates or ‘patches’ to applications is
known as ‘application patch management’. Application patch management is an effective way of mitigating
security risks associated with software applications.