Skip to Content
Home Software & Patch Management Software & Patch Management

Software & Patch Management

0 %

Completed

Course content

Software & Patch Management

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. Why are unpatched systems considered high risk?
They automatically disable MFA controls They may contain vulnerabilities that attackers can exploit Patching only affects cosmetic software features Unpatched systems cannot be monitored properly
2. Which of the following BEST describes patch management?
Applying patches only after security incidents occur Disabling updates to maintain operational stability permanently Removing all unsupported software immediately without review The process of identifying, testing, deploying, and verifying updates
3. A critical vulnerability affecting an internet-facing VPN appliance is being actively exploited publicly. What is the BEST response?
Delay remediation until the next scheduled quarterly maintenance window Disable all logging during remediation to improve performance Apply emergency patching or approved mitigation controls promptly Ignore the issue if exploitation has not affected the organisation directly
4. Why is unsupported software dangerous?
Unsupported software may lack security updates and create vulnerabilities Unsupported software automatically encrypts all data Unsupported software cannot access networks Unsupported software improves operational resilience
5. Which factor is MOST important when prioritising patches?
Whether the system is used internally for documentation User preference for update timing only Vulnerability severity and exposure risk Desktop wallpaper compatibility
6. What is the purpose of vulnerability management?
To eliminate the need for security monitoring To avoid applying software updates To remove all systems from operational use permanently To identify, assess, prioritise, and reduce security weaknesses
7. Which statement about emergency patching is MOST accurate?
Emergency patching removes the need for documentation Emergency patches should never be applied to production systems Emergency vulnerabilities may require accelerated remediation processes Emergency patching should ignore governance and approvals entirely
8. Which of the following is an example of poor software governance?
Using approved software repositories and applications Applying security updates regularly Installing unauthorised applications without approval Following change management procedures
9. Why is patch testing important?
Testing helps identify potential operational or compatibility issues Testing removes the need for backups Testing guarantees updates can never fail Testing is only required for endpoint devices
10. Which systems commonly require security patching?
Only desktop operating systems Only cloud-hosted applications Servers, applications, endpoints, and infrastructure devices Only internet-facing systems
11. What is the BEST response if a critical patch deployment fails?
Ignore the issue if systems appear operational temporarily Escalate the issue and follow remediation procedures promptly Disable monitoring to avoid alert generation Delay investigation until annual audit reviews occur
12. Why are internet-facing systems considered high-risk targets?
They are more exposed to attackers and automated scanning activity Internet-facing systems cannot use security controls Internet exposure automatically disables logging External systems do not require patching
13. Which of the following BEST supports secure patch management?
Applying updates based only on user convenience Verifying deployments and maintaining patch visibility Avoiding documentation to reduce administrative overhead Allowing unsupported software for compatibility reasons indefinitely
14. A technical employee delays endpoint updates repeatedly because rebooting interrupts work. Why is this risky?
Delayed patching increases vulnerability exposure windows Endpoint patching only affects performance improvements Endpoint updates are optional for internal systems Delayed patching improves operational resilience
15. What is the purpose of change management during patching activities?
To prioritise operational convenience over stability To eliminate the need for rollback planning To prevent patches from being applied entirely To ensure updates are controlled, documented, and reviewed appropriately
16. Which of the following is a common patch management failure?
Maintaining asset visibility and update tracking Delayed remediation of critical vulnerabilities Using approved software repositories Performing patch verification checks
17. What should employees do if they identify unsupported or vulnerable software?
Continue usage indefinitely if operationally useful Disable endpoint protection to improve compatibility Report the issue through approved escalation channels Ignore it unless exploitation occurs publicly
18. Which statement about cloud patch responsibilities is MOST accurate?
Cloud providers manage all customer security responsibilities automatically Customers may still be responsible for operating systems, applications, and configurations SaaS services eliminate vulnerability management requirements Cloud environments cannot contain unsupported software
19. Why are third-party applications considered security risks?
Third-party software does not require patching Approved applications cannot contain vulnerabilities Third-party software automatically bypasses authentication controls They may introduce vulnerabilities or unsupported dependencies
20. What is the BEST overall approach to software and patch management?
Delay updates to minimise operational disruption Apply updates quickly without testing or governance Maintain secure, supported, monitored, and regularly updated systems Restrict patching activities only to critical incidents