CompTIA CySA+ (CS0-001) — Question 69

After implementing and running an automated patching tool, a security administrator ran a vulnerability scan that reported no missing patches found. Which of the following BEST describes why this tool was used?

Answer options

• A. To create a chain of evidence to demonstrate when the servers were patched.
• B. To harden the servers against new attacks.
• C. To provide validation that the remediation was active.
• D. To generate log data for unreleased patches.

Correct answer: B

Explanation

The correct answer is B because the primary goal of an automated patching tool is to enhance the security of servers by applying updates that protect against new vulnerabilities. Options A and C focus on documentation and validation, which, while important, do not directly relate to the tool's primary function of hardening servers. Option D is irrelevant as it pertains to patches that have not been released, rather than those that are actively being managed.