An enterprise is evaluating new servers from various vendors for a high-security environment. Which of the following criteria should be prioritized to BEST ensure the hardware provider meets the company's stringent security policies and risk management?
Validating the security of the server's firmware at the time of delivery
Ensuring the hardware provider has no direct affiliations with foreign governments
Choosing hardware providers that the enterprise has worked with in the past
Obtaining comprehensive documentation for all hardware components
Validating the security of the server's firmware at the time of delivery is critical, as firmware vulnerabilities can compromise the entire system. Ensuring that the hardware provider has a secure firmware delivery and update process helps protect against supply chain attacks. While obtaining documentation, checking for government connections, and working with familiar brands provide different levels of assurance, they do not offer the same direct mitigation against hardware-based vulnerabilities and firmware integrity as validating the server's firmware security.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is firmware and why is its security important?
Open an interactive chat with Bash
What are supply chain attacks, and how do they relate to server hardware?
Open an interactive chat with Bash
What is the process for validating firmware security from a hardware provider?