CISM Certified Information Security Manager – Question0920

Which of the following is the BEST way to identify the potential impact of a successful attack on an organization’s mission critical applications?

A.
Conduct penetration testing.
B. Execute regular vulnerability scans.
C. Perform independent code review.
D. Perform application vulnerability review.

Correct Answer: A