A security architect is analyzing an old application that is not covered for maintenance anymore because the software company is no longer in business. Which of the following techniques should have been implemented to prevent these types of risks?
All of the options provided can help manage risks related to software, but the scenario specifically describes an issue where an old application's maintenance is a concern because the software company is no longer in business. Given that context, the most directly relevant technique to prevent this risk would be:
D. Source code escrows
D. Source code escrows
Source code escrow is a contractual arrangement in which the source code of a software application is deposited with a third-party escrow agent. This ensures that if the software company goes out of business or otherwise fails to maintain the software, the source code can be accessed by the organization using the software, allowing them to continue maintaining and updating the application.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
32d799a
6 months, 3 weeks agoCXSSP
7 months, 4 weeks ago