CompTIA CASP+ (CAS-003) — Question 379
Following the most recent patch deployment, a security engineer receives reports that the ERP application is no longer accessible. The security engineer reviews the situation and determines a critical security patch that was applied to the ERP server is the cause. The patch is subsequently backed out. Which of the following security controls would be BEST to implement to mitigate the threat caused by the missing patch?
Answer options
- A. Anti-malware
- B. Patch testing
- C. HIPS
- D. Vulnerability scanner
Correct answer: C
Explanation
Implementing a Host Intrusion Prevention System (HIPS) is the best approach because it actively monitors the host and blocks attempts to exploit the vulnerabilities that remain open on an unpatched system. While anti-malware and vulnerability scanners provide protection and assessment, they do not specifically address the immediate need to block attacks that may arise from missing patches. Patch testing is important, but it does not directly mitigate the risk while the critical patch remains uninstalled.