CISM Certified Information Security Manager – Question0934

When an emergency security patch is received via electronic mail, the patch should FIRST be:

A.
loaded onto an isolated test machine.
B. decompiled to check for malicious code.
C. validated to ensure its authenticity.
D. copied onto write-once media to prevent tampering.

Correct Answer: C

Explanation:

Explanation: It is important to first validate that the patch is authentic. Only then should it be copied onto write-once media, decompiled to check for malicious code or loaded onto an isolated test machine.