The application systems of an organization using open-source software have no single recognized
developer producing patches. Which of the following would be the MOST secure way of updating
Rewrite the patches and apply them
Code review and application of available patches
Develop in-house patches
identify and test suitable patches before applying them
Suitable patches from the existing developers should be selected and tested before applying them.
Rewriting the patches and applying them is not a correct answer because it would require skilled
resources and time to rewrite the patches. Code review could be possible but tests need to be
performed before applying the patches. Since the system was developed outside the organization,
the IT department may not have the necessary skills and resources to develop patches.