Certified in Risk and Information Systems Control (CRISC) — Question 441

Which component of a software inventory BEST enables the identification and mitigation of known vulnerabilities?

Answer options

• A. Software licensing information
• B. Software version
• C. Software support contract expiration
• D. Assigned software manager

Correct answer: B

Explanation

The software version is crucial for identifying known vulnerabilities because specific versions may have documented security flaws that can be patched. The other options, such as licensing information, support contracts, and assigned managers, do not directly relate to the identification of vulnerabilities in the software itself.