CompTIA CySA+ (CS0-002) — Question 346
An organization is adopting IoT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far, leaving hardware-related weaknesses open to compromise.
Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?
Answer options
- A. Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
- B. Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
- C. Sign up for vendor emails and create firmware update change plans for affected devices.
- D. Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.
Correct answer: A
Explanation
Option A is correct because utilizing threat intelligence lets the organization prioritize critical firmware updates and test them before deployment, minimizing risk. Option B is risky because applying updates immediately, without testing, can cause instability. Option C, while useful, does not address the need for risk evaluation and proper testing before deployment. Option D focuses on automation but lacks the essential step of evaluating and testing the updates for reliability.