Question

A third-party vendor has just released patches to resolve a major vulnerability. There are over 100 critical devices that need to be updated. What action should be taken to ensure the patch is installed with minimal downtime?

a. Download and install all patches in the production network during the next scheduled maintenance period
b. Test the patch in a lab environment and then install it in the production network during the next scheduled maintenance
c. Deploy the patch in a lab environment to quickly conduct testing, get approval for an emergency change, and then immediately install it in the production environment
d. Configure endpoints to automatically download and install the patches

Answer 1

To ensure the patch is installed with minimal downtime, it is best to deploy the patch in a lab environment for quick testing, approval for an emergency change, and immediate installation in the production environment.

Step-by-step explanation:

To ensure the patch is installed with minimal downtime, the best approach would be option c: deploy the patch in a lab environment to quickly conduct testing, get approval for an emergency change, and then immediately install it in the production environment. This approach allows for thorough testing in a controlled environment before deploying the patch to critical devices. Option a would require all patches to be installed during the next scheduled maintenance period, causing potential disruptions. Option b suggests testing the patch in a lab environment first, which is a good practice, but then waiting for the next scheduled maintenance period to install it in the production network may not be ideal for addressing a major vulnerability. Option d, configuring endpoints to automatically download and install the patches, may not be suitable for critical devices as it bypasses the testing and approval process