CompTIA Security+ Question A-64

Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?

A. Application patch management
B. Cross-site scripting prevention
C. Creating a security baseline
D. System hardening

Answer: D

Explanation:
Hardening is the process of securing a system by reducing its surface of vulnerability. Reducing the surface of vulnerability typically includes removing or disabling unnecessary functions and features, removing or disabling unnecessary user accounts, disabling unnecessary protocols and ports, and disabling unnecessary services.

CompTIA Security+ Question A-3

A technician has implemented a system in which all workstations on the network will receive security updates on the same schedule. Which of the following concepts does this illustrate?

A. Patch management
B. Application hardening
C. White box testing
D. Black box testing

Answer: A

Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from newly discovered attacks and vulnerabilities. A part of patch management is testing the effects of vendor updates on a test system before applying the updates on a production system, and scheduling updates.

CompTIA Network+ Question C-43

A network administrator is following best practices to implement firewalls, patch management and policies on the network. Which of the following should be performed to verify the security controls in place?

A. Penetration testing
B. AAA authentication testing
C. Disaster recovery testing
D. Single point of failure testing

Correct Answer: A

CompTIA Network+ Question C-23

A company has had several virus infections over the past few months. The infections were caused by vulnerabilities in the application versions that are being used. Which of the following should an administrator implement to prevent future outbreaks?

A. Host-based intrusion detection systems
B. Acceptable use policies
C. Incident response team
D. Patch management

Correct Answer: D

Explanation:
As vulnerabilities are discovered, the vendors of the operating systems or applications often respond by releasing a patch. A patch is designed to correct a known bug or fix a known vulnerability, such as in this case to be vulnerable to virus infections, in a piece of software.
A patch differs from an update, which, in addition to fixing a known bug or vulnerability, adds one or more features to the software being updated.

CompTIA A+ Core 2 Question B-94

Which of the following functions describes Patch management?

A. Determining appropriateness, platform destination, and scheduling of operating system and application updates.
B. Determining appropriateness, platform destination, and scheduling of incremental system backups.
C. Determining appropriateness, platform destination, and scheduling of router table updates.
D. Determining appropriateness, platform destination, and scheduling of permission propagations.

Correct Answer: A