CompTIA CySA+ (CS0-002) — Question 127
An organization recently discovered some inconsistencies in the motherboards it received from a vendor. The organization's security team then provided guidance on how to ensure the authenticity of the motherboards it received from vendors. Which of the following would be the BEST recommendation for the security analyst to provide?
Answer options
- A. The organization should use a certified, trusted vendor as part of the supply chain.
- B. The organization should evaluate current NDAs to ensure enforceability of legal actions.
- C. The organization should maintain the relationship with the vendor and enforce vulnerability scans.
- D. The organization should ensure all motherboards are equipped with a TPM.
Correct answer: A
Explanation
The best recommendation is to use a certified, trusted vendor, because this ensures that the supplied components meet quality and security standards, reducing the risk of receiving counterfeit or compromised hardware. Evaluating NDAs and enforcing vulnerability scans are important, but neither directly addresses the issue of vendor trust. Ensuring motherboards have a TPM is beneficial for security but does not guarantee the authenticity of the motherboards themselves.