Question 352:
Which of the following is the BEST method for determining whether new risks exist in legacy applications?
Answer options:
A. Regularly scheduled risk assessments B. Automated vulnerability scans C. Third-party penetration testing D. Frequent updates to the risk register