1_6_2 Section 1 – Attacks, Threats, and Vulnerabilities - 1.6 – Vulnerabilities - Third-party Risks
22 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Why is it important to have security measures in place for third-party access to your systems?

  • Because third parties are never trustworthy
  • Because third parties are only contractually obligated to follow security protocols
  • Because third parties have access to your systems, but not your data
  • Because third parties can make errors, and you should plan for the worst-case scenario (correct)
  • What is a common reason for system integrators to have additional access to systems?

  • To perform their job functions (correct)
  • To access sensitive data
  • To install malware
  • To test system security
  • What is a possible way a third party may have access to your data?

  • Only through physical access
  • Only through virtual access
  • Neither virtual nor physical access
  • Through both virtual and physical access (correct)
  • What should you plan for when it comes to third-party access to your systems?

    <p>The worst-case scenario</p> Signup and view all the answers

    Why is it necessary to have security policies and procedures in place for third-party access?

    <p>To mitigate potential security risks</p> Signup and view all the answers

    What type of security is important to consider when it comes to third-party access?

    <p>Both physical and technology security</p> Signup and view all the answers

    Where should production services be located?

    <p>On a separate, isolated part of the network</p> Signup and view all the answers

    What should be done after the code is completed?

    <p>Check the code for any vulnerabilities</p> Signup and view all the answers

    Why is encryption important when storing data in a third-party location?

    <p>To protect the data against unauthorized access</p> Signup and view all the answers

    What type of data may require special consideration when storing in a third-party location?

    <p>Customer information</p> Signup and view all the answers

    How should data be transferred in and out of a third-party location?

    <p>Over an encrypted channel</p> Signup and view all the answers

    What is a benefit of storing data in an encrypted form?

    <p>It protects the data against unauthorized access</p> Signup and view all the answers

    What is a major concern with integrators being inside the network?

    <p>They can install malware on systems without going through security controls</p> Signup and view all the answers

    What is an example of a security issue that was identified with a vendor?

    <p>A security vulnerability in a thermostat</p> Signup and view all the answers

    What is the importance of partnering with vendors?

    <p>To ensure they are motivated to resolve security issues</p> Signup and view all the answers

    What is a potential security issue in the supply chain?

    <p>All of the above</p> Signup and view all the answers

    What is a rare but possible security issue?

    <p>Malware infection from a third-party software</p> Signup and view all the answers

    What is an example of a security issue with hardware from a third party?

    <p>A counterfeit switch</p> Signup and view all the answers

    Why is it important to have processes and procedures in place for the supply chain?

    <p>To monitor security concerns</p> Signup and view all the answers

    What is a concern when having programming services done by a third party?

    <p>Building a secure environment for developers</p> Signup and view all the answers

    What is a consideration when deciding where to store code?

    <p>Storing code on a centralized cloud-based server</p> Signup and view all the answers

    Why is it important to ensure vendors are aware of security problems?

    <p>So they can resolve the issues quickly</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser