ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 154 discussion

Actual exam question from CompTIA's CS0-002
Question #: 154
Topic #: 1
[All CS0-002 Questions]

A small electronics company decides to use a contractor to assist with the development of a new FPGA-based device. Several of the development phases will occur off-site at the contractor's labs. Which of the following is the main concern a security analyst should have with this arrangement?

  • A. Making multiple trips between development sites increases the chance of physical damage to the FPGAs.
  • B. Moving the FPGAs between development sites will lessen the time that is available for security testing.
  • C. Development phases occurring at multiple sites may produce change management issues.
  • D. FPGA applications are easily cloned, increasing the possibility of intellectual property theft.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by I_heart_shuffle_girls at Jan. 13, 2021, 8:10 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Obi_Wan_Jacoby
Highly Voted 4 years, 4 months ago
D is correct. There is a large two part series out there on the theft of intellectual property on FPGA's, so that is a real thing and big deal it seems "https://www.eetimes.com/how-to-protect-intellectual-property-in-fpgas-devices-part-1/"
upvoted 13 times
who__cares123456789___
4 years, 2 months ago
Agreed!!
upvoted 3 times
...
2Fish
2 years, 3 months ago
Agree. Good article!
upvoted 1 times
...
...
RobV
Most Recent 1 year, 5 months ago
Selected Answer: D
D. FPGA applications are easily cloned, increasing the possibility of intellectual property theft. The main concern for a security analyst in this scenario is the potential for intellectual property theft. FPGAs (Field-Programmable Gate Arrays) are reprogrammable devices that can be configured for specific applications. If the development phases involve sharing FPGA designs or configurations between the small electronics company and the contractor's labs, there is a risk that the intellectual property associated with the FPGA-based device could be copied or stolen.
upvoted 1 times
...
novolyus
1 year, 6 months ago
Selected Answer: B
Concern of a security analyst. A security analyst concern should be doing his job properly, and option B is his concern. Intellectual property should be the concern of another department. If the question was "Which should be the company´s concern" then D. But the company accepted the risk of intellectual property leak and you have to do your task as a security analyst. It is not your business intelectual property or health and safety conditions.
upvoted 1 times
...
CatoFong
2 years, 4 months ago
Selected Answer: D
D. is correct
upvoted 1 times
...
SylFlo
2 years, 4 months ago
i'm glad i guessed correctly, i couldn't remember this answer, but guessed D, passed today
upvoted 1 times
...
Mr_Robot69
2 years, 10 months ago
Below article is from CompTIA official guide Anti-Tamper If an attacker can steal the hardware, TPMs and HSMs are vulnerable to physical attacks against the chips to extract the keys. Anti-tamper solutions are designed to mitigate this risk. An anti-tamper mechanism makes use of a type of programmable controller called a field programmable gate array (FPGA) and a physically unclonable function (PUF). The PUF generates a digital fingerprint based on unique features of the device. This means that tampering, by removing the chip or adding an unknown input/ output mechanism for instance, can be detected and a remedial action, such as zerofilling cryptographic keys, can be performed automatically.
upvoted 1 times
Mr_Robot69
2 years, 10 months ago
Going with option B
upvoted 1 times
...
...
twobuckchuck
2 years, 10 months ago
Is FPGA a new crypto coin? Fungible Payment in Gold Allowance?
upvoted 1 times
...
miabe
2 years, 10 months ago
Selected Answer: D
looks good to me
upvoted 1 times
...
Davar39
3 years, 3 months ago
Selected Answer: D
Only D directly concerns a security analyst.
upvoted 1 times
...
Action66
3 years, 11 months ago
Several CYSA+ (002) test preps I used show the answer as B. Reference: https://www.certification-questions.com/pdf-download/comptia/cs0-002-pdf.pdf
upvoted 2 times
Sweetlulu
3 years, 10 months ago
D is the correct answer. B is close 2nd. Which is of the security issues are the worse for the company? Losing the Company's intellectual property or diminishing security viewing?
upvoted 2 times
Remilia
3 years, 6 months ago
This is why I value the discussions in exam topics. Very insightful.
upvoted 3 times
...
...
...
Alizadeh
4 years, 2 months ago
D is correct
upvoted 3 times
...
I_heart_shuffle_girls
4 years, 5 months ago
D seems to be correct but B might also be a correct answer. Any other thoughts?
upvoted 4 times
who__cares123456789___
4 years, 1 month ago
Yes. Another thought is that there is no time frame mentioned. No end date mentioned so no reason to assume security testing will be diminished. But deployment for testing at off-site locales put property out of any chain of custody and someone could easily steal the Intel Property...quite simple really.
upvoted 3 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel