CompTIA CySA+ (CS0-002) — Question 159

An organization discovers motherboards within the environment that appear to have been physically altered during the manufacturing process. Which of the following is the BEST course of action to mitigate the risk of this reoccurring?

Answer options

• A. Perform an assessment of the firmware to determine any malicious modifications.
• B. Conduct a trade study to determine if the additional risk constitutes further action.
• C. Coordinate a supply chain assessment to ensure hardware authenticity
• D. Work with IT to replace the devices with the known-altered motherboards.

Correct answer: C

Explanation

The best approach is to coordinate a supply chain assessment to ensure hardware authenticity, as this will help in identifying and preventing further risks related to altered components. Evaluating firmware (Option A) is reactive and does not address the root cause. Conducting a trade study (Option B) does not take immediate action, and replacing devices with known-altered motherboards (Option D) would not resolve the issue of authenticity.