Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 4

What is the purpose of targeting software vendors in a supply-chain attack?

Answer options

• A. to take advantage of a trusted software delivery method.
• B. to steal users’ login credentials.
• C. to access source code.
• D. to report Zero-day vulnerabilities.

Correct answer: A

Explanation

The correct answer is A because targeting software vendors allows attackers to use a trusted method of software delivery, making their malicious code appear legitimate. Options B, C, and D do not directly relate to the primary goal of manipulating the software supply chain, which is to compromise trust in the delivery process.