Which item is included as a recovery model related to patch management?

Study for the SANS Advanced Incident Response, Threat Hunting, and Digital Forensics (FOR508) Test.

Multiple Choice

Which item is included as a recovery model related to patch management?

Explanation:
The key idea here is that a recovery model for patch management is a structured, proactive process that ensures systems can be restored to a secure state after vulnerabilities are found or exploited. Establishing a comprehensive patch management program embodies this by formalizing how patches are identified, tested, deployed, and verified, along with rollback plans and governance. It includes asset inventory, risk-based patch prioritization, testing in a controlled environment, scheduled deployment, change management, and post-deployment verification. This directly supports recovery from incidents by quickly removing known vulnerabilities and ensuring systems stay up to date, reducing the window of exposure.

While the other options are important for overall security, they don’t focus on the patch lifecycle as a recovery capability. Improving enterprise authentication strengthens access controls; network redesign changes topology and resilience but isn’t about patch recovery; centralized logging aids detection and forensics but doesn’t establish the patching process, testing, deployment, and rollback that a patch management program provides.
