CompTIA CySA+ (CS0-002) — Question 97

While reviewing a cyber-risk assessment, an analyst notes there are concerns related to FPGA usage. Which of the following statements would BEST convince the analyst's supervisor to use additional controls?

Answer options

• A. FPGAs are expensive and can only be programmed once. Code deployment safeguards are needed.
• B. FPGAs have an inflexible architecture; Additional training for developers is needed.
• C. FPGAs are vulnerable to malware installation and require additional protections for their codebase.
• D. FPGAs are expensive to produce. Anti-counterfeiting safeguards are needed.

Correct answer: C

Explanation

The correct answer, C, highlights the specific vulnerability of FPGAs to malware, emphasizing the need for enhanced protections which is a critical concern. Answers A and D focus on cost and production aspects rather than security issues, while B addresses architectural inflexibility, which does not directly relate to the immediate need for additional security controls.