Certified Information Systems Security Professional – CISSP – Question309

Which of the following open source software issues pose the MOST risk to an application?

A.
The software is beyond end of life and the vendor is out of business.
B. The software is not used or popular in the development community.
C. The software has multiple Common Vulnerabilities and Exposures (CVE) and only some are remediated.
D. The software has multiple Common Vulnerabilities and Exposures (CVE) but the CVEs are classified as low risks.

Correct Answer: D