Supply Chain Attack 2.3 Flashcards
1
Q
Supply Chain Vector
A
- ## Using a company’s supply chain as an unwitting agent in the attack.
2
Q
Supply Chain
A
- Set of firms that operate together to manage the movement of goods and services between firms.
3
Q
Service Provider Vector
A
- Have access to internal services, which can be an opportunity for the attacker.
4
Q
Considerations for Hardware Providers
A
- Use a smaller supplier base
- Have strict controls over policies and procedures
- Security should be part of the overall design
5
Q
Considerations of Software Providers
A
- Question every software installation.
- Digital signature should be confirmed during the installation.
- Some software will update or patch itself automatically.
6
Q
A