CompTIA Security+ (SY0-601) — Question 642

The Chief Information Security Officer (CISO) asks a security analyst to install an OS update to a production VM that has a 99% uptime SLA. The CISO tells the analyst the installation must be done as quickly as possible. Which of the following courses of action should the security analyst take first?

Answer options

• A. Log in to the server and perform a health check on the VM.
• B. Install the patch immediately.
• C. Confirm that the backup service is running.
• D. Take a snapshot of the VM.

Correct answer: D

Explanation

Taking a snapshot of the VM first ensures that there is a restore point in case the update causes any issues, thereby protecting the production environment. While performing a health check and confirming backup services are important, these actions do not provide immediate risk mitigation for the update process. Installing the patch immediately without a snapshot could lead to complications if the update fails.