Question

A new security appliance was installed on a network as part of a managed service deployment. The vendor controls the appliance, and the IT team cannot log in or configure it. The IT team is concerned about the appliance receiving the necessary updates. Which of the following mitigations should be performed to minimize the concern for the appliance and updates?

1) Scan and patch the device
2) Automatic updates
3) Configuration management
4) Vulnerability scanning

Answer 1

To address concerns about updates for a vendor-managed security appliance, the IT team should rely on automatic updates stipulated in the service level agreement. The IT team cannot scan, patch, manage configurations, or perform vulnerability scanning due to lack of access, making vendor communication and management vital.

Step-by-step explanation:

The concern regarding updates for a new security appliance managed by a vendor can be addressed through automatic updates. If the IT team does not have login access or configuration control, automatic updates are typically the responsibility of the vendor providing the managed service. The service level agreement (SLA) should specify update frequency and procedures. Since options such as scan and patch the device, configuration management, and vulnerability scanning are not available to the IT team due to lack of access, the emphasis on automatic updates and vendor management becomes critical. The IT team should ensure there's clear communication with the vendor about security patches and update processes, possibly through regular reporting or audits to verify that the updates are being applied as needed to mitigate vulnerabilities