CISM Certified Information Security Manager – Question0935

In a well-controlled environment, which of the following activities is MOST likely to lead to the introduction of weaknesses in security software?

A.
Applying patches
B. Changing access rules
C. Upgrading hardware
D. Backing up files

Correct Answer: B

Explanation:

Explanation:
Security software will generally have a well-controlled process for applying patches, backing up files and upgrading hardware. The greatest risk occurs when access rules are changed since they are susceptible to being opened up too much, which can result in the creation of a security exposure.