After a company has standardized to a single operating system, not all servers are immune to a
well-known OS vulnerability. Which of the following solutions would mitigate this issue?

A.
Host based firewall

B.
Initial baseline configurations

C.
Discretionary access control

D.
Patch management system

Explanation:
A patch is an update to a system. Sometimes a patch adds new functionality; in other cases, it
corrects a bug in the software. Patch Management can thus be used to fix security problems
discovered within the OS thus negating a known OS vulnerability.