Unsupported applications carry the most risk because they are no longer maintained by the vendor, meaning that any security vulnerabilities, bugs, or system failures that arise may not be patched or resolved. Additionally, without vendor support, the organization may struggle to obtain critical updates, security fixes, and technical assistance. This creates both operational and security risks, as the application may become more vulnerable to cyber threats and compatibility issues over time.
A might involve risks related to development and maintenance, these are typically within the organization’s control, reducing inherent risk compared to outsourcing. But D (Outsourced accounting applications) pose the most inherent risk because they involve critical financial data that is handled outside the organization’s direct control.
Security Defects: Internal applications consist of code written by developers. A security flaw can be hidden in this code, which can lead to data leakage, authentication bypass, and malicious code execution. Legacy code and technology stack: Internal applications can use older technology stacks. This can lead to difficulty in maintenance and security vulnerabilities.
yeah A. An internally developed application can be fall of flaws,
but B. An onsite application that is unsupported, has "unsupported", so that one is for sure full of unpatched bugs.
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
roxannebadenhorst
4Â months ago1Naa
4Â months, 1Â week ago3008
11Â months, 1Â week agoChaBum
7Â months, 2Â weeks agoMohamedAbdelaal
1Â year, 6Â months ago