What is the MOST cost-effective method of identifying new vendor vulnerabilities?
A.
External vulnerability reporting sources
B.
Periodic vulnerability assessments performed by consultants
C.
Intrusion prevention software
D.
honey pots located in the DMZ
Explanation:
External vulnerability sources are going to be the most cost-effective method of identifying these
vulnerabilities. The cost involved in choices B and C would be much higher, especially if
performed at regular intervals. Honeypots would not identify all vendor vulnerabilities. In addition,
honeypots located in the DMZ can create a security risk if the production network is not well
protected from traffic from compromised honey pots.