A supply chain attack is a type of cyber attack in which the attacker targets an organization by compromising its suppliers or third-party resources that are part of the organization's supply chain. By infiltrating these third-party resources, an attacker can gain access to sensitive information, install malware, or compromise critical assets that would otherwise be secure. This type of attack can result in significant consequences for an organization, including data breaches, reputational damage, legal liability, and business disruption. As such, the most likely risk scenario to emerge from a supply chain attack is the compromise of critical assets, which can have a significant impact on an organization's operations, security, and reputation.
D
Supply chain attacks are evolving threats that target third-party software suppliers. A software supply chain attack occurs when a cyber threat actor compromises the software before the supplier sends it to their customers. One successful intrusion can have a ripple effect and can potentially impact thousands of victims.
D. Compromise of critical assets via third-party resources
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.CISM Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Broesweelies
Highly Voted 1 year, 5 months agowickhaarry
Most Recent 11 months, 3 weeks agorichck102
1 year ago