CompTIA Security+ (SY0-601) — Question 246
A company uses specially configured workstations for any work that requires administrator privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon delivery. Even with these strict security measures in place, an incident occurred from one of the workstations. The root cause appears to be that the SoC was tampered with or replaced. Which of the following MOST likely occurred?
Answer options
- A. Fileless malware
- B. A downgrade attack
- C. A supply-chain attack
- D. A logic bomb
- E. Misconfigured BIOS
Correct answer: C
Explanation
The correct answer is C, a supply-chain attack. Such an attack compromises hardware or software during the manufacturing process, which matches the finding that the SoC was tampered with or replaced even though the company hardens systems immediately upon delivery. The other options, such as fileless malware or a logic bomb, do not specifically relate to hardware manipulation, and a downgrade attack typically refers to software vulnerabilities rather than hardware issues.