A medium-sized company recently incorporated a new third-party component within its payment processing system. Shortly thereafter, irregular transaction patterns and unauthorized fund transfers were detected. Based on this scenario, what is the most likely cause of this security issue?
The intrusion detection system had an outdated signatures database, missing detection of new threats.
Lack of multifactor authentication allowed easy access to the payment system.
The third-party component had a pre-installed backdoor used for unauthorized transactions.
The system was running on end-of-life software with known vulnerabilities.
The most likely cause is the introduction of a compromised third-party component into the payment system that contained malicious code designed to perform unauthorized transactions. This reflects a supply chain attack where a trusted component is exploited to gain access to an organization's systems. The other reasons listed might also cause security issues, but they either do not directly relate to the recent change in the system (existing unpatched vulnerabilities or end-of-life software) or are less likely based on the specifics provided in the scenario (lack of multifactor authentication).
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a supply chain attack?
Open an interactive chat with Bash
What are backdoors in software?
Open an interactive chat with Bash
Why is it important to monitor transaction patterns?