A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?
B. Non-segmented network
Opening ports on a firewall for a new system introduces the risk that the new system might be deployed on a non-segmented network. This means that the new system and its traffic could potentially be exposed to other parts of the network, increasing the risk of lateral movement by an attacker if the system is compromised. Network segmentation helps in containing potential breaches and limiting access to sensitive areas of the network.
Therefore, the correct answer is:
B. Non-segmented network
I am thinking that opening firewall ports is a Layer 3 and Layer 4 issue and not a Layer 7 vulnerability, which is where the Vulnerable software would fit in. I would be more concerned about the Cloud provider which is why I am choosing C: Supply Chain Vendor.
In this scenario, the technician is opening firewall ports to support a SaaS (Software as a Service) provider, which means that part of the system relies on external services managed by a third party. This introduces a supply chain risk because the organization now depends on the security posture and integrity of the SaaS provider.
Since the new system is provided and supported by a SaaS (Software-as-a-Service) provider, the primary risk is third-party security vulnerabilities associated with the supply chain vendor.
Why is this a risk?
The SaaS provider could have weak security controls, leading to data breaches or unauthorized access.
If the SaaS provider is compromised, attackers could use their access to infiltrate your organization's systems.
Opening firewall ports increases exposure to potential supply chain attacks, especially if the SaaS vendor has vulnerabilities in their infrastructure.
Straight from the CompTIA study guide, the answer is supply chain vendor. A supply chain vendor can pose a risk to the new system if the vendor has poor security practices.
The correct answer is D. Vulnerable software.
Opening ports on a firewall can expose the system to potential vulnerabilities in the software being used, which may be exploited by attackers if the software is not kept updated or if it contains inherent security weaknesses.
The risk in the new system being deployed and supported by a SaaS (Software as a Service) provider is C. Supply chain vendor.
Supply chain vendor (C): When relying on a SaaS provider, the security of the system is partially dependent on the vendor's practices. If the vendor has weak security controls, it could introduce risks such as data breaches, vulnerabilities, or compliance issues. This is a significant concern because the organization has limited control over the vendor's security measures.
(A): While default credentials are a risk, they are typically associated with initial setup and configuration, not directly related to the SaaS provider or firewall port configuration.
(B): Network segmentation is important for security, but it is not directly tied to the SaaS provider or the act of opening firewall ports.
(D): Vulnerable software is a risk, but it is more relevant to the software running on the system rather than the SaaS provider or firewall configuration.
Opening ports creates potential entry points into the system. If the system or software being deployed has vulnerabilities, attackers can exploit the open ports to compromise the system.
C. Supply chain vendor
The primary risk in this scenario is the supply chain vendor. Since the system is a SaaS offering, the security of the underlying infrastructure and applications relies heavily on the vendor's security practices.
Here's a breakdown of why the other options aren't as relevant: the most significant risk in this scenario is the potential for vulnerabilities or security breaches within the SaaS provider's infrastructure or applications.
When deploying and supporting a system provided by a SaaS (Software as a Service) vendor, the supply chain vendor risk becomes a primary concern. The organization is relying on the SaaS provider for security, availability, and compliance. Risks include:
The SaaS provider's systems being compromised.
Lack of transparency in the vendor’s security measures.
Potential vulnerabilities in the SaaS platform affecting the organization.
These risks emphasize the importance of vendor assessments, contractual security requirements, and regular audits.
You are opening the firewall for a third party, i.e. allowing a third party into your network, bringing all their vulnerabilities along for the ride. Supply chain vendor by definition.
SY0-701 Exam Questions
Etc_Shadow28000 (Highly Voted, 10 months, 1 week ago)
Eracle (3 months, 1 week ago)
hasquaati (Highly Voted, 11 months, 1 week ago)
n3412 (Most Recent, 1 day, 17 hours ago)
JoeRealCool (2 weeks, 1 day ago)
squishy_fishy (1 month, 2 weeks ago)
Strissel (1 month, 3 weeks ago)
Oluwatobi4880 (1 month, 3 weeks ago)
Markie100 (2 months, 2 weeks ago)
ITExperts (2 months, 4 weeks ago)
beebax (3 months ago)
760b372 (3 months ago)
41c27e6 (3 months, 3 weeks ago)
Benny_On (4 months, 1 week ago)
Benny_On (4 months, 1 week ago)
ProudFather (4 months, 2 weeks ago)
Fourgehan (4 months, 2 weeks ago)
Dimpo_Oz (4 months, 3 weeks ago)
fmeox567 (4 months, 3 weeks ago)