What is the MOST cost-effective method of identifying new vendor vulnerabilities?
A.
External vulnerability reporting sources
B.
Periodic vulnerability assessments performed by consultants
C.
Intrusion prevention software
D.
Honey pots located in the DMZ
Explanation:
External vulnerability sources are going to be the most cost-effective method of identifying these vulnerabilities. The cost involved in choices B and C would be much higher, especially if performed at regular intervals. Honey pots would not identify all vendor vulnerabilities. In addition, honey pots located in the DMZ can create a security risk if the production network is not well protected from traffic from compromised honey pots.