Which of the following would BEST prevent an unscheduled application of a patch?
A.
Network-based access controls
B.
Compensating controls
C.
Segregation of duties
D.
Change management
The Answer Is:
D
This question includes an explanation.
Explanation:
Change management is the best way to prevent an unscheduled application of a patch, because it ensures that any changes to the IT environment are planned, approved, tested, and documented. Change management is a process that controls the implementation of changes to IT systems, applications, infrastructure, or processes. It aims to minimize the risk of disruption, errors, or failures caused by changes. Applying a patch is a type of change that may affect the security, functionality, or performance of an IT system or application. Therefore, applying a patch shouldfollow the change management process and schedule, and avoid any unscheduled or unauthorized patching. Network-based access controls, compensating controls, and segregation of duties are all useful controls to protect the IT environment from unauthorized or malicious access, but they do not prevent an unscheduled application of a patch, as they do not address the change management process. References = Risk and Information Systems Control Study Manual, Chapter 5, Section 5.4.2, page 211
CRISC PDF/Engine
Printable Format
Value of Money
100% Pass Assurance
Verified Answers
Researched by Industry Experts
Based on Real Exams Scenarios
100% Real Questions
Get 60% Discount on All Products,
Use Coupon: "8w52ceb345"