Security+ Objective 1.3 Implement OS hardening practices and procedures to achieve workstation and server security – patch management

So, now we’ve learned about patches.  We should probably make sure we are taking care of this stuff.  That’s patch management.  As the bad guys discover new ways to harm us, vendors create patches to protect us.  It is vital to our systems security to protect them with the latest patches.

The basic steps of patch management are:

  1. Determine what patches are needed and download them
    1. Check for the latest patches on a regular basis
    2. Make sure it is coming from the vendor website and is not tampered with
    3. Verify that the patch is relevant to your system or application
  2. Test and install the patches
    1. Test in a way that won’t affect production if the patch causes problems
    2. Use automated delivery to push patches across the entire network
  3. Verify that the patches are successfully applied.
    1. Use patch management software to automate reports


The typical user is not doing these things.  If you want your organization’s computers to be secure, patch management needs to be implemented in a way that takes care of every system on the network.  Typically, patch management is an automated process.  Utilize a server that can download and then push the approved patches out to every system on the network.  The patches should not be approved for deployment until they are tested in a non-production environment.  Following these guidelines will give you control over an important aspect to the security of your systems.

Go back to the Exam Objectives list

Be Sociable, Share!


There are no comments yet...Kick things off by filling out the form below.

Leave a Comment