CompTIA Security+ (SY0-701) — Question 599

A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?

Answer options

• A. Default credentials
• B. Non-segmented network
• C. Supply chain vendor
• D. Vulnerable software

Correct answer: C

Explanation

The correct answer, C. Supply chain vendor, refers to the risk posed by third-party vendors that can introduce vulnerabilities into the system. Options A, B, and D, while valid concerns, do not specifically address the risks tied to the involvement of a SaaS provider and its supply chain dependencies.