Software flaws can be considered vulnerabilities if they can be exploited in a way that can prevent the software's reliable information and:
They are outside the control of an attacker.
They are externally accessible to an attacker.
They are extensible by an attacker.
They are part of the attack surface.
Option B is the correct answer. A, C and D are distracters
- A. Answers to Assessment Questions
- from The CSSLP™ Prep Guide: Mastering the Certified Secure Software Lifecycle Professional
- Publisher: John Wiley & Sons
- Released: August 2009
There is a mismatch in Answer, which says its "A" and explanation below says Option "B" is the correct answer and "A" is a distractor.
Share this highlighthttp://www.safaribooksonline.com/a/the-csslptm-prep/7780552/