CompTIA Security+ (SY0-601) — Question 434

A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Choose two.)

Answer options

• A. Auto-update
• B. HTTP headers
• C. Secure cookies
• D. Third-party updates
• E. Full disk encryption
• F. Sandboxing
• G. Hardware encryption

Correct answer: A, F

Explanation

Implementing auto-update ensures that the software is always up-to-date with the latest security patches, which is crucial in reducing vulnerabilities. Sandboxing also provides an isolated environment for applications, preventing them from accessing critical system resources and minimizing potential damage from vulnerabilities.