ISACA CISA: What’s the Biggest Red Flag in Endpoint Patch Management?

Explore the critical aspects of endpoint computer patch management. Learn which finding raises the most significant concern and why it matters for your organization’s security posture.

Question

Which of the following findings would be of GREATEST concern when evaluating an organization’s endpoint computer patch management process?

A. Patching is performed every three months.
B. Patch implementation took longer than expected.
C. Rollbacks were required for some patches.
D. Patching is performed manually for some systems.

Answer

The finding of GREATEST concern when evaluating an organization’s endpoint computer patch management process would be:

A. Patching is performed every three months.

Explanation

This is the most concerning finding because:

  1. Frequency: A three-month patching cycle is far too infrequent in today’s rapidly evolving threat landscape. Many critical vulnerabilities are discovered and exploited within days or weeks of becoming public knowledge.
  2. Security Risk: This long gap between patches leaves systems vulnerable to known exploits for extended periods, significantly increasing the risk of successful attacks.
  3. Compliance Issues: Many regulatory standards and best practices require more frequent patching, often monthly or even more regularly for critical systems.
  4. Patch Overload: When patching is done so infrequently, the number of patches to be applied accumulates, making the process more complex and time-consuming, which can lead to errors or omissions.
  5. Difficulty in Troubleshooting: If issues arise after applying a large number of patches at once, it becomes more challenging to identify which specific patch might be causing problems.

The other options, while not ideal, are less concerning:

B. Patch implementation taking longer than expected is a common occurrence and can be managed with proper planning and resources.

C. Requiring rollbacks for some patches indicates that there’s a testing process in place, which is actually a positive sign of due diligence.

D. Manual patching for some systems may be necessary due to specific requirements or limitations and isn’t inherently problematic if managed properly.

In conclusion, the infrequent patching schedule of every three months poses the greatest risk to the organization’s security posture and should be addressed as a priority in improving the endpoint computer patch management process.
