nerdexam
(ISC)2

CISSP · Question #1458

Which element of software supply chain management has the GREATEST security risk to organizations?

The correct answer is B. Unsupported libraries are often used.. The element of software supply chain management that has the greatest security risk to organizations is the use of unsupported libraries. Unsupported libraries are libraries that are no longer maintained, updated, or patched by the original developers or vendors, and that may con

Submitted by neha2k· Mar 5, 2026Software Development Security

Question

Which element of software supply chain management has the GREATEST security risk to organizations?

Options

  • ANew software development skills are hard to acquire.
  • BUnsupported libraries are often used.
  • CApplications with multiple contributors are difficult to evaluate.
  • DVulnerabilities are difficult to detect.

How the community answered

(33 responses)
  • A
    6% (2)
  • B
    76% (25)
  • C
    3% (1)
  • D
    15% (5)

Explanation

The element of software supply chain management that has the greatest security risk to organizations is the use of unsupported libraries. Unsupported libraries are libraries that are no longer maintained, updated, or patched by the original developers or vendors, and that may contain security vulnerabilities or issues that can be exploited by the attackers. The use of unsupported libraries can pose a security risk to organizations, as it can compromise the security, functionality, and performance of the software that depends on them, and expose the software to potential attacks, such as code injection, denial-of-service, or data breach. The use of unsupported libraries can also violate the security policies and standards, and the regulatory and contractual obligations of the organizations, and result in legal, financial, or reputational

Topics

#Software supply chain security#Third-party libraries#Vulnerability management#Legacy code

Community Discussion

No community discussion yet for this question.

Full CISSP Practice