Valid PT0-002 Dumps shared by ExamDiscuss.com for Helping Passing PT0-002 Exam! ExamDiscuss.com now offer the newest PT0-002 exam dumps, the ExamDiscuss.com PT0-002 exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PT0-002 dumps with Test Engine here:
Which of the following describe the GREATEST concerns about using third-party open-source libraries in application code? (Choose two.)
Correct Answer: A,D
* A. The libraries may be vulnerable to security bugs or exploits that can compromise the application or the data. According to the web search results, open-source libraries often have vulnerabilities that can be exploited by attackers, such as Heartbleed, Shellshock, DROWN, or npm left-pad1234. These vulnerabilities can allow attackers to extract sensitive data, execute arbitrary commands, decrypt encrypted traffic, or break the functionality of the application. Therefore, using third-party open-source libraries in application code poses a significant security risk. * D. The provenance of code is unknown, meaning that the origin and history of the code are not verified or documented. According to the web search results, open-source libraries and client projects are developed and continuously evolving in an asynchronous way, which makes it difficult to track the changes and updates of the code2. Moreover, open-source libraries may have dependencies on other libraries, which can introduce additional risks or vulnerabilities1. Therefore, using third-party open-source libraries in application code poses a significant quality risk.