An engineer has ensured that the switches are using the late - CompTIA Security+ SY0-701
Question
An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints' definitions are up to date. Which of the following will these actions most effectively prevent?
Answers
-
-
-
-
correct
Explanation
Correct Answer: D. Known exploits. Applying the latest OS updates, patches, and endpoint security definitions directly protects systems from known exploits. These are vulnerabilities and attack techniques that have already been discovered and cataloged, often with publicly available patches or signatures. By keeping infrastructure current, the engineer ensures attackers cannot exploit outdated software flaws or malware signatures. This is a cornerstone of vulnerability management and patch management best practices. It significantly reduces the attack surface by removing avenues that adversaries commonly use to gain access. While no system can be made completely immune, consistent patching ensures that widely available exploit kits and automated attacks are far less likely to succeed. This approach is preventive, proactive, and cost-effective, stopping opportunistic attacks that rely on organizations failing to apply updates promptly. It is not a defense against insider misuse or true zero-days, but it addresses the far more frequent and dangerous category of known threats.
Why Other Options are Incorrect:
-
A. Zero-day attacks exploit vulnerabilities unknown to vendors and the public, for which no patches exist. Keeping systems updated cannot prevent these until a patch is released.
-
B. Insider threats involve authorized users misusing access. Updates and patches cannot prevent a malicious employee from abusing legitimate privileges.
-
C. End-of-life support refers to systems no longer receiving vendor updates. While patching delays this risk for supported systems, it does not prevent the end-of-life state.
No Payment Cards Needed
