CompTIA CySA+ (CS0-002) — Question 1

A small electronics company decides to use a contractor to assist with the development of a new FPGA-based device. Several of the development phases will occur off-site at the contractor's labs. Which of the following is the main concern a security analyst should have with this arrangement?

Answer options

• A. Making multiple trips between development sites increases the chance of physical damage to the FPGAs.
• B. Moving the FPGAs between development sites will lessen the time that is available for security testing.
• C. Development phases occurring at multiple sites may produce change management issues.
• D. FPGA applications are easily cloned, increasing the possibility of intellectual property theft.

Correct answer: D

Explanation

The correct answer is D, as FPGA applications are indeed susceptible to cloning, which poses a significant risk for intellectual property theft. Options A and B focus on logistical concerns that, while important, do not directly address security risks. Option C highlights potential change management issues, but these do not specifically relate to security vulnerabilities like option D does.