CompTIA CySA+ (CS0-002) — Question 133
An organization is adopting IoT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far, leaving hardware-related weaknesses open to compromise. Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?
Answer options
- A. Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
- B. Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
- C. Determine an annual patch cadence to ensure all patching occurs at the same time.
- D. Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.
Correct answer: A
Explanation
Answer A is correct because it uses threat intelligence to guide risk evaluation and implements critical updates only after proper testing, so the firmware that reaches devices has been evaluated first. Options B and D call for immediate deployment, which could put untested updates into production, while C focuses on timing rather than on the evaluation and testing of updates.