A network administrator is responsible for securing applications against external attacks. Every
month, the underlying operating system is updated. There is no process in place for other software
updates.
Which of the following processes could MOST effectively mitigate these risks?

A.
Application hardening

B.
Application change management

C.
Application patch management

D.
Application firewall review

Explanation:
The question states that operating system updates are applied but not other software updates.
The ‘other software’ in this case would be applications. Software updates includes functionality
updates and more importantly security updates. The process of applying software updates or
‘patches’ to applications is known as ‘application patch management’. Application patch
management is an effective way of mitigating security risks associated with software applications.