What type of malware was used in the Target breach?

Register-based malware for stealing card data

What is a hardware supply chain risk?

New devices may have preloaded vulnerabilities

What should organizations do before using new hardware?

Treat it as untrusted until verified

What happened in the counterfeit Cisco case (2022)?

Over $1B in fake devices were sold using shell companies

What was a major issue with the counterfeit Cisco devices?

They failed frequently and even caught fire

What is a key principle of software supply chain security?

Trust must be verified through digital signatures

Why are automatic updates risky?

They require full trust in the software source

What is a risk with open source software?

Malicious contributors may add harmful code

How did attackers distribute malware in the SolarWinds breach?

By injecting it into software updates

Which companies were affected by the SolarWinds breach? Options: Microsoft, Intel, Cisco, U.S. agencies, Only small startups, Google exclusively, Banking institutions only, Apple and Facebook

Microsoft, Intel, Cisco, U.S. agencies

How did the SolarWinds update appear legitimate?

It was digitally signed and trusted

What access did SolarWinds attackers gain?

Long-term access to sensitive infrastructure

What is a key takeaway for supply chain security?

Trust must be earned and verified

What are examples of supply chain elements to secure?

Hardware, software, and third-party services

What is a best practice for validating hardware integrity?

Vet vendors and enforce acquisition policies

036_Supply Chain Vulnerabilities – CompTIA Security+ Flashcards

Student preview

25 questions

Show all answers

1.

FLASHCARD QUESTION

Front

What does the supply chain include?

Back

All steps from raw materials to product delivery

2.

FLASHCARD QUESTION

Front

Why is every step in the supply chain a security concern?

Back

Each step is a potential attack vector

3.

FLASHCARD QUESTION

Front

What is a danger of assuming trust in the supply chain?

Back

Unverified suppliers can inject exploits

4.

FLASHCARD QUESTION

Front

What can happen if a third-party IT service is compromised?

Back

Sensitive data may be exposed.

5.

FLASHCARD QUESTION

Front

Why are security audits included in third-party contracts?

Back

To ensure the third party maintains proper security

6.

FLASHCARD QUESTION

Front

How did attackers first breach Target in 2013?

Back

Through a phishing attack on an HVAC vendor

7.

FLASHCARD QUESTION

Front

What was a critical mistake in Target’s network setup?

Back

No segmentation between HVAC and register systems

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Ecological Pyramids: Review

Flashcard

•

9th - 12th Grade

15 questions

Forensic Sci Intro, Eyewitness, and CSI

Flashcard

•

9th - 12th Grade

15 questions

Forensics Semester 1 EXAM

Flashcard

•

9th - 12th Grade

15 questions

1st Semester Earth Science Final

Flashcard

•

9th - 12th Grade

19 questions

Cold War-1950s-Civil Rights

Flashcard

•

9th - 12th Grade

19 questions

Duncan- Properties of Water

Flashcard

•

9th - 12th Grade

21 questions

Ecosystem Pyramids

Flashcard

•

9th - 12th Grade

15 questions

Earth Science Chapter 24 Practice Test

Flashcard

•

9th - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

18 questions

[AP CSP] JavaScript Programming Lesson 2025-2026

Lesson

•

9th - 12th Grade

57 questions

[AP CSP] Unit 5 Review: Internet & Cybersecurity

Quiz

•

9th - 12th Grade

10 questions

Exploring Digital Citizenship Essentials

Interactive video

•

6th - 10th Grade