What type of malware was used in the Target breach?

Register-based malware for stealing card data

What is a hardware supply chain risk?

New devices may have preloaded vulnerabilities

What should organizations do before using new hardware?

Treat it as untrusted until verified

What happened in the counterfeit Cisco case (2022)?

Over $1B in fake devices were sold using shell companies

What was a major issue with the counterfeit Cisco devices?

They failed frequently and even caught fire

What is a key principle of software supply chain security?

Trust must be verified through digital signatures

Why are automatic updates risky?

They require full trust in the software source

What is a risk with open source software?

Malicious contributors may add harmful code

How did attackers distribute malware in the SolarWinds breach?

By injecting it into software updates

Which companies were affected by the SolarWinds breach? Options: Microsoft, Intel, Cisco, U.S. agencies, Only small startups, Google exclusively, Banking institutions only, Apple and Facebook

Microsoft, Intel, Cisco, U.S. agencies

How did the SolarWinds update appear legitimate?

It was digitally signed and trusted

What access did SolarWinds attackers gain?

Long-term access to sensitive infrastructure

What is a key takeaway for supply chain security?

Trust must be earned and verified

What are examples of supply chain elements to secure?

Hardware, software, and third-party services

What is a best practice for validating hardware integrity?

Vet vendors and enforce acquisition policies

036_Supply Chain Vulnerabilities – CompTIA Security+ Flashcards

Student preview

25 questions

Show all answers

1.

FLASHCARD QUESTION

Front

What does the supply chain include?

Back

All steps from raw materials to product delivery

2.

FLASHCARD QUESTION

Front

Why is every step in the supply chain a security concern?

Back

Each step is a potential attack vector

3.

FLASHCARD QUESTION

Front

What is a danger of assuming trust in the supply chain?

Back

Unverified suppliers can inject exploits

4.

FLASHCARD QUESTION

Front

What can happen if a third-party IT service is compromised?

Back

Sensitive data may be exposed.

5.

FLASHCARD QUESTION

Front

Why are security audits included in third-party contracts?

Back

To ensure the third party maintains proper security

6.

FLASHCARD QUESTION

Front

How did attackers first breach Target in 2013?

Back

Through a phishing attack on an HVAC vendor

7.

FLASHCARD QUESTION

Front

What was a critical mistake in Target’s network setup?

Back

No segmentation between HVAC and register systems

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

15 questions

Interdependence and Ecosystems Flashcard

Flashcard

•

8th Grade - University

15 questions

Mid-tern Exam Review

Flashcard

•

10th Grade - University

20 questions

Exploring the Terrestrial Planets

Flashcard

•

11th Grade - University

20 questions

Ch 20 Test (The Resurgence of Conservatism)

Flashcard

•

9th Grade - University

15 questions

Robotics 1: Fall Final Review

Flashcard

•

9th Grade - University

21 questions

Period 4: Industrial Revolution Review

Flashcard

•

10th Grade - University

15 questions

Matter & Energy Unit 3 Flashcard Prep

Flashcard

•

10th Grade - University

Popular Resources on Wayground

8 questions

2 Step Word Problems

Quiz

•

KG - University

20 questions

Comparing Fractions

Quiz

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Latin Bases claus(clois,clos, clud, clus) and ped

Quiz

•

6th - 8th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

7 questions

The Story of Books

Quiz

•

6th - 8th Grade

Discover more resources for Computers

10 questions

Mastering Proper Keyboarding Techniques

Interactive video

•

6th - 10th Grade

10 questions

Exploring Cybersecurity Techniques and Threats

Interactive video

•

6th - 10th Grade