Certified Information Security Manager (CISM) — Question 346

Which of the following risk scenarios is MOST likely to emerge from a supply chain attack?

Answer options

• A. Unreliable delivery of hardware and software resources by a supplier
• B. Unavailability of services provided by a supplier
• C. Loss of customers due to unavailability of products
• D. Compromise of critical assets via third-party resources

Correct answer: D

Explanation

The correct answer is D because supply chain attacks typically target third-party resources to gain access to critical assets. Options A, B, and C, while they may be consequences of a supplier issue, do not directly relate to the compromise of security that is characteristic of a supply chain attack.