CAS-005 · Question #28
CAS-005 Question #28: Real Exam Question with Answer & Explanation
The correct answer is D: Implementing a proper supply chain risk management program. Implementing a proper supply chain risk management program is the best way to identify potential issues earlier in the process. This program involves assessing the risks and vulnerabilities of third-party hardware and software during the procurement process and throughout the lif
Question
A company receives reports about misconfigurations and vulnerabilities in a third-party hardware device that is part of its released products. Which of the following solutions is the best way for the company to identify possible issues at an earlier stage?
Options
- APerforming vulnerability tests on each device delivered by the providers
- BPerforming regular red-team exercises on the vendor production line
- CImplementing a monitoring process for the integration between the application and the vendor
- DImplementing a proper supply chain risk management program
Explanation
Implementing a proper supply chain risk management program is the best way to identify potential issues earlier in the process. This program involves assessing the risks and vulnerabilities of third-party hardware and software during the procurement process and throughout the lifecycle of the product. By establishing a strong risk management framework, the company can proactively detect and address misconfigurations and vulnerabilities before the products are released or deployed.
Community Discussion
No community discussion yet for this question.