Which of the following are the most likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company’s final software releases? (Choose two).
The most likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company’s final software releases are D. Included third-party libraries and E. Vendors/supply chain1.
Included third-party libraries: These can introduce vulnerabilities if they are not properly vetted or if they are not kept up-to-date. A third-party library might have known vulnerabilities that can be exploited by an attacker.
Vendors/supply chain: If a software company includes code from vendors or other parts of the supply chain, there’s a risk that this code could introduce vulnerabilities. This is especially true if the vendors themselves do not have robust security practices.
The best options are:
D. Included third-party libraries
E. Vendors/supply chain
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.SY0-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
EMP00000000
Highly Voted 1 year, 7 months agososa4547
1 year, 1 month agoPetercx
Most Recent 1 year, 7 months ago[Removed]
1 year, 7 months agoKELOS
1 year, 7 months agokevin403
1 year, 7 months agokong345
1 year, 7 months agowakkaking14
1 year, 7 months agoComPCertOn
1 year, 7 months agoSoleandheel
1 year, 7 months ago