A threat advisory alert was just emailed to the IT security staff.
The alert references specific types of host operating systems that can allow an unauthorized person to access files on a system remotely.
A fix was recently published, but it requires a recent endpoint protection engine to be installed prior to running the fix.
Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E. F.AD.
The threat advisory alert that the IT security staff received suggests that there is a vulnerability in specific types of host operating systems that allow unauthorized access to files on a system remotely. A fix for this vulnerability has been published, but it requires a recent endpoint protection engine to be installed before running the fix. To mitigate the risk of exploitation of this vulnerability, the following two measures need to be taken:
Patch Management: Patch management is the process of identifying, acquiring, testing, and installing updates (patches) for software applications and operating systems. In this scenario, the system needs to be patched with the fix that was published. This patch addresses the vulnerability and prevents unauthorized access to the files on the system remotely.
Antivirus: An antivirus program is a software application that can detect and remove malicious software (malware) such as viruses, trojans, and spyware. Antivirus software is designed to identify and block malware from running on a system. In this scenario, the endpoint protection engine needs to be installed before applying the patch to ensure that the system is protected against any malware that may attempt to exploit the vulnerability.
Therefore, options A (Antivirus) and D (Patch management) are the most likely to need to be configured to ensure that the system is mitigated accordingly.
The other options listed may also be useful in certain scenarios but are not directly related to mitigating the risk of exploitation of the vulnerability described in the threat advisory alert.
Option B (HIPS) can help prevent unauthorized access to files by monitoring and blocking unauthorized access attempts. However, it is not directly related to the vulnerability described in the alert.
Option C (Application whitelisting) can help prevent unauthorized applications from running on a system, but it is not directly related to the vulnerability described in the alert.
Option E (Group policy implementation) can help enforce security policies on a network, but it is not directly related to the vulnerability described in the alert.
Option F (Firmware updates) can help ensure that the hardware components of a system are up to date and secure, but it is not directly related to the vulnerability described in the alert.