nerdexam
ExamsCAS-001Questions#84
CompTIA

CAS-001 · Question #84

CAS-001 Question #84: Real Exam Question with Answer & Explanation

The correct answer is D: COTS software is well known and widely available.. Commercial Off-The-Shelf (COTS) software is, by definition, publicly available and widely deployed across many organizations. Because it is so well known, its vulnerabilities, default configurations, and attack vectors are also well known to the attacker community. Exploit code a

Question

A company decides to purchase COTS software. This can introduce new security risks to the network. Which of the following is the BEST description of why this is true?

Options

  • ACOTS software is typically well known and widely available.
  • BCOTS software is not well known and is only available in limited quantities.
  • CCOTS software is well known and widely available.
  • DCOTS software is well known and widely available.

Explanation

Commercial Off-The-Shelf (COTS) software is, by definition, publicly available and widely deployed across many organizations. Because it is so well known, its vulnerabilities, default configurations, and attack vectors are also well known to the attacker community. Exploit code and techniques targeting popular COTS products are readily available online. This broad public exposure means that any unpatched vulnerability in a COTS product immediately becomes a high-value, widely-targeted attack surface-making it a meaningful security risk when introduced into a network.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice