Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam PT0-002 Topic 1 Question 48 Discussion

Actual exam question for CompTIA's PT0-002 exam
Question #: 48
Topic #: 1
[All PT0-002 Questions]

Penetration on an assessment for a client organization, a penetration tester notices numerous outdated software package versions were installed ...s-critical servers. Which of the following would best mitigate this issue?

Show Suggested Answer Hide Answer
Suggested Answer: A

The best way to mitigate this issue is to implement patching and change control programs, which are processes that involve applying updates or fixes to software packages to address vulnerabilities, bugs, or performance issues, and managing or documenting the changes made to the software packages to ensure consistency, compatibility, and security. Patching and change control programs can help prevent or reduce the risk of attacks that exploit outdated software package versions, which may contain known or unknown vulnerabilities that can compromise the security or functionality of the systems or servers.Patching and change control programs can be implemented by using tools such as WSUS, which is a tool that can manage and distribute updates for Windows systems and applications1, or Git, which is a tool that can track and control changes to source code or files2. The other options are not valid ways to mitigate this issue. Revision of client scripts used to perform system updates is not a sufficient way to mitigate this issue, as it may not address the root cause of why the software package versions are outdated, such as lack of awareness, resources, or policies. Remedial training for the client's systems administrators is not a direct way to mitigate this issue, as it may not result in immediate or effective actions to update the software package versions. Refrainment from patching systems until quality assurance approves is not a way to mitigate this issue, but rather a potential cause or barrier for why the software package versions are outdated.


by Quentin at Dec 23, 2023, 06:38 AM

Limited Time Offer

25%

Off

Get Premium PT0-002 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ashley
7 months ago
Haha, yeah, Option D is just asking for trouble. Might as well just hand the hackers the keys to the kingdom. I'm definitely ruling that one out.
upvoted 0 times
...
Curt
7 months ago
Yeah, I'm with Oren on this one. Option A gives you a more comprehensive fix. Although, I do have to say, the idea of refraining from patching until QA approves in Option D is just plain ridiculous. That would be the worst thing to do!
upvoted 0 times
...
Oren
7 months ago
That's a fair point, Javier. But I'm worried that Option B is a bit too specific. Patching and change control are more overarching solutions that can address the root cause, rather than just fixing the symptoms.
upvoted 0 times
Ora
6 months ago
A) Implementation of patching and change control programs
upvoted 0 times
...
Luz
6 months ago
I see your point, but wouldn't revising client scripts be a temporary fix? Patching and change control programs seem like a more comprehensive solution.
upvoted 0 times
...
Howard
6 months ago
B) Revision of client scripts used to perform system updates
upvoted 0 times
...
Nicolette
6 months ago
That makes sense. Patching and change control programs can help address the root cause of the outdated software issue.
upvoted 0 times
...
Caprice
6 months ago
A) Implementation of patching and change control programs
upvoted 0 times
...
...

Save Cancel