A company decides to purchase COTS software. This can introduce new security risks to the network.
Which of the following is the BEST description of why this is true?
A . COTS software is typically well known and widely available. Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid a lawsuit.
B . COTS software is not well known and is only available in limited quantities. Information concerning vulnerabilities is kept internal to the company that developed the software.
C . COTS software is well known and widely available. Information concerning vulnerabilities and viable attack patterns is typically ignored within the IT community.
D . COTS software is well known and widely available. Information concerning vulnerabilities and viable attack patterns is typically shared within the IT community.
Answer: D
Leave a Reply