CompTIA A+ Core 2 (220-1202) — Question 101

A vendor normally releases security patches for its operating system on a monthly basis. An administrator receives an email from the vendor that says the vendor has published a patch for a zero-day flaw in its operating system outside of the normal patch schedule. Which of the following actions should the administrator take first in order to properly address this issue in a production environment?

Answer options

• A. Wait until the next monthly patch is issued and deploy it with those updates.
• B. Immediately deploy the patch to all company-owned computers.
• C. Delay the patch deployment to not interfere with the production environment.
• D. Deploy the patch to a small number of computers in order to test it in a lab.

Correct answer: D

Explanation

The correct action is to deploy the patch to a small number of computers to test it in a lab (option D). This approach minimizes risk by allowing the administrator to validate the patch's effectiveness and stability before widespread deployment. Options A and B are not advisable as waiting could leave systems vulnerable, and deploying immediately could introduce unforeseen issues, while option C delays necessary security measures.