A company decides to purchase commercially available software packages. This can introduce new security risks to the network. Which of the following is the
BEST description of why this is true?
A.
Commercially available software packages are typically well known and widely available.
Information concerning vulnerabilities and viable attack patterns are never revealed by the developer to avoid lawsuits.
B.
Commercially available software packages are often widely available. Information concerning vulnerabilities is often kept internal to the company that developed
the software.
C.
Commercially available software packages are not widespread and are only available in limited areas. Information concerning vulnerabilities is often ignored by
business managers.
D.
Commercially available software packages are well known and widely available. Information concerning vulnerabilities and viable attack patterns are always
shared within the IT community.