Manual patching
Explain when manual patching is primarily used, and discuss two risks associated with this practice. Assume you are the director of an organization and construct a short letter of intent to your directors that describes when you would permit manual patching. Discuss whether you agree or disagree with peers on their manual patching policy communication and justify your stance with specific reasons, facts, and examples.
Sample Answer
When manual patching is primarily used
Manual patching is primarily used in the following situations:
- When a patch is not available for an automated patching system. This can happen when a vulnerability is discovered in a new piece of software or when a patch is not yet compatible with an existing automated patching system.
- When a patch is too complex or risky to automate. Some patches can be complex to install and may require manual configuration or intervention. In other cases, a patch may have a known risk of causing problems with the system, so it is considered safer to apply it manually.
- When a patch is needed for a critical system that cannot be taken offline. Automated patching systems typically require systems to be restarted, which can be disruptive for critical systems that need to be available 24/7.