Certified Information Systems Security Professional – CISSP – Question328

Which of the following processes has the PRIMARY purpose of identifying outdated software versions, missing patches, and lapsed system updates?

A.
Penetration testing
B. Vulnerability management
C. Software Development Life Cycle (SDLC)
D. Life cycle management