• Gabor
  • New member
  • Offline

Topic: CS0-002 topic 1 question 25

An organization is adopting IoT devices at an increasing rate and will need to account for firmware updates in its vulnerability management programs. Despite the number of devices being deployed, the organization has only focused on software patches so far, leaving hardware-related weaknesses open to compromise.
Which of the following best practices will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?

A.
Utilize threat intelligence to guide risk evaluation activities and implement critical updates after proper testing.
B.
Apply all firmware updates as soon as they are released to mitigate the risk of compromise.
C.
Sign up for vendor emails and create firmware update change plans for affected devices.
D.
Implement an automated solution that detects when vendors release firmware updates and immediately deploy updates to production.

  • Laudy
  • New member
  • Offline

Re: CS0-002 topic 1 question 25

I had also picked A.
D is a terrible answer. lmao

Re: CS0-002 topic 1 question 25

Option D suggests implementing an automated solution to detect and deploy firmware updates immediately, which may introduce risks if updates are not properly evaluated or tested before deployment.

I will go with A.

Re: CS0-002 topic 1 question 25

You NEVER immediately deploy updates without testing them. A is the only real answer.

Re: CS0-002 topic 1 question 25

Gotta go with A.

Re: CS0-002 topic 1 question 25

Which of the ((following best practices)) will help the organization to track and deploy trusted firmware updates as part of its vulnerability management programs?
Based on the question it seems it's assuming that all of these are ((best practices)), but which one will "help the organization to track and deploy trusted firmware updates." This is why the answer is implement an automated solution. While I agree with most everybody else that we would test before pushing it to the production environment. This is what we do in our organization and test to ensure operational impact. The question seems to be testing detailed reading to throw one off from the answer they want.

  • 2Fish
  • New member
  • Offline

Re: CS0-002 topic 1 question 25

A.  "Best Practice" is key here.  Best to implement after testing, else you risking bricking your gear.  However, in the real world, sometimes you do not have a platform to test first.

Re: CS0-002 topic 1 question 25

It's D. The key verbiage here is "Trusted firmware".

Re: CS0-002 topic 1 question 25

"after proper testing." is why I choose A, because that is "best practice" as the question asks.

Re: CS0-002 topic 1 question 25

I dont know why you would use Threat Intelligence here. Looks like a manager wrote that answer.

Re: CS0-002 topic 1 question 25

You can't go around patching/updating just because a new update came out. The update needs to be evaluated, especially based on risk. If its a super unlikely exploit that wouldn't accomplish a whole lot against your system, it may not be worth the downtime or the effort.

Re: CS0-002 topic 1 question 25

What's up with D? Who is just blindly smashing things out to their live prod environment without any real testing or oversight?

Re: CS0-002 topic 1 question 25

A is correct answer
they arent saying all answers are incorrect, but they are asking best practice.
receiving emails from vendors about updates is okay but you still didnt implement any changes to the hardware.
changing and making hardware patches without proper testing or evaluation can cause you critical issues specially if a patch breaks your system

Re: CS0-002 topic 1 question 25

Why not C?

Re: CS0-002 topic 1 question 25

D? really?...just blindly install without testing in lab first ?..I think not...A

Re: CS0-002 topic 1 question 25

It's A.

Re: CS0-002 topic 1 question 25

D sounds like a nightmare, A is the correct answer here

Re: CS0-002 topic 1 question 25

Can anyone explain why it is not A?

Re: CS0-002 topic 1 question 25

No company should blindly install without testing. It could break other systems!

Re: CS0-002 topic 1 question 25

meaning, it is A.

Re: CS0-002 topic 1 question 25

I believe it's A