CISSP Question #436: Real Exam Question with Answer & Explanation

The correct answer is B: Firmware. The area of embedded devices that are most commonly attacked is firmware. Firmware is a type of software that is embedded in a hardware device and controls its basic functions, such as booting, loading, or updating. Firmware is often stored in read-only memory (ROM) or flash memo

Submitted by marco_it· Mar 5, 2026Security Architecture and Engineering

Question

Which area of embedded devices are most commonly attacked?

Options

AApplication
BFirmware
CProtocol
DPhysical Interface

Explanation

The area of embedded devices that are most commonly attacked is firmware. Firmware is a type of software that is embedded in a hardware device and controls its basic functions, such as booting, loading, or updating. Firmware is often stored in read-only memory (ROM) or flash memory, which makes it difficult to modify or erase. Firmware can be attacked by exploiting vulnerabilities in the firmware code, design, or configuration, or by injecting malicious code into the firmware update process. Firmware attacks can compromise the security, functionality, or performance of the embedded device, or even render it unusable or inaccessible.

Topics

#embedded systems security#firmware attacks#IoT security#vulnerability assessment

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions