A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks?
A. Application hardening B. Application change management C. Application patch management D. Application firewall review
Answer: C
Explanation: The question states that operating system updates are applied but not other software updates. The ‘other software’ in this case would be applications. Software updates includes functionality updates and more importantly security updates. The process of applying software updates or ‘patches’ to applications is known as ‘application patch management’. Application patch management is an effective way of mitigating security risks associated with software applications.
The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?
A. Application hardening B. Application firewall review C. Application change management D. Application patch management
Answer: C
Explanation: Change management is the structured approach that is followed to secure a company’s assets. Promoting code to application on a SMZ web server would be change management.