Last Updated on December 21, 2021 by InfraExam
An IS auditor is performing an audit of a large organization’s operating system maintenance procedures. Which of the following findings presents the GREATEST risk?
- Some internal servers cannot be patched due to software incompatibility.
- The configuration management database is not up-to-date.
- Vulnerability testing is not performed on the development servers.
- Critical patches are applied immediately while others follow quarterly release cycles.