A new enterprise solution is currently being evaluated due to its potential to increase the
company’s profit margins. The security administrator has been asked to review its security
implications. While evaluating the product, various vulnerability scans were performed. It was
determined that the product is not a threat but has the potential to introduce additional
vulnerabilities. Which of the following assessment types should the security administrator also take
into consideration while evaluating this product?

A.
Threat assessment

B.
Vulnerability assessment

C.
Code assessment

D.
Risk assessment

Explanation: