CompTIA Security+ (SY0-701) — Question 439

A company is performing a risk assessment on new software the company plans to use. Which of the following should the company assess during this process?

Answer options

• A. Software vulnerabilities
• B. Cost-benefit analysis
• C. Ongoing monitoring strategies
• D. Network infrastructure compatibility

Correct answer: A

Explanation

The correct choice, A. Software vulnerabilities, is crucial because identifying potential weaknesses in the software helps mitigate risks before deployment. Options B, C, and D, while important for overall software management, do not directly relate to the immediate risks posed by vulnerabilities in the software itself.