SY0-701 Question #96: Real Exam Question with Answer & Explanation

Question

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

Options

• ADefault credentials
• BNon-segmented network
• CSupply chain vendor
• DVulnerable software

Explanation

Vulnerable software (D) is correct because opening firewall ports exposes whatever software is running behind those ports to network traffic. Since the system is managed by a SaaS provider, you don't control the software stack - if that software contains vulnerabilities, attackers now have a pathway to exploit them through those newly opened ports.

Default credentials (A) is a setup/configuration risk tied to devices or systems that ship with known passwords; it doesn't arise specifically from the act of opening firewall ports for a SaaS-connected system. Non-segmented network (B) is a pre-existing architectural flaw, not a risk introduced by deploying this particular system. Supply chain vendor (C) describes the broader risk of a third-party provider being compromised upstream (e.g., SolarWinds-style attacks), which is a valid concern in general but isn't the specific risk created by opening firewall ports.

Memory tip: Link the action to the exposure - open port → network access → software is reachable → software vulnerabilities matter. Whenever a question involves opening ports or expanding network access, the primary introduced risk is that the software now reachable through those ports may be vulnerable.

No community discussion yet for this question.