Chapter 34 Quiz: Supply Chain Security

Question 1

What is a dependency confusion attack?

A) An attack that exploits confusion in the dependency resolution algorithm to crash package managers
B) An attack that registers public packages with the same name as private internal packages, exploiting package manager resolution order
C) An attack that modifies the dependency tree of an application after it is deployed
D) An attack that creates circular dependencies to cause denial of service during builds

Answer: B

Dependency confusion exploits the fact that, when both a private and a public registry are configured, some package managers will prefer a higher-versioned public package over a lower-versioned private package of the same name (pip with --extra-index-url is the classic case: it merges both indexes and picks the highest version it finds). Alex Birsan demonstrated this against Apple, Microsoft, and other major companies in 2021.

Question 2

Which of the following is the most effective defense against dependency confusion attacks?

A) Using the latest version of all dependencies
B) Running antivirus on the build server
C) Using scoped/namespaced packages and configuring registry settings to prevent public fallback
D) Manually reviewing all dependency source code

Answer: C

Scoped packages (e.g., @mycompany/internal-lib) prevent name squatting on public registries, provided the organization also claims the @mycompany scope on the public registry so nobody else can publish under it. Combined with registry configuration that routes the scope to the private registry and never falls back to the public one for internal names (for pip: a single --index-url pointing at a proxy that excludes internal names, never --extra-index-url), this effectively eliminates the dependency confusion attack vector. A lockfile that records the resolved URL of every package makes a violation auditable after the fact.
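The audit mentioned above can be run against a lockfile, because npm's package-lock.json records where each package was actually fetched from. The following is an added example written for this quiz (not code from the quiz or from any package manager); the @acme scope, the private registry host npm.internal.acme.example and all package names are hypothetical, and the lockfile is constructed inline. It flags any package that is supposed to be internal but was resolved from a host other than the private registry, which is exactly the trace a successful dependency confusion leaves behind.

```python
import json
from urllib.parse import urlparse

# Constructed package-lock.json (lockfileVersion 3 layout). The "@acme" scope,
# the private registry host and every package name are hypothetical.
SAMPLE_LOCK = json.dumps({
    "name": "payments-service",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "payments-service", "version": "1.0.0"},
        "node_modules/@acme/auth-client": {
            "version": "2.4.1",
            "resolved": "https://npm.internal.acme.example/@acme/auth-client/-/auth-client-2.4.1.tgz",
        },
        # Suspicious: an internal scope resolved from the public registry at an
        # implausibly high version, the classic dependency confusion signature.
        "node_modules/@acme/billing-core": {
            "version": "99.0.0",
            "resolved": "https://registry.npmjs.org/@acme/billing-core/-/billing-core-99.0.0.tgz",
        },
        # Unscoped internal name that was never claimed on the public registry.
        "node_modules/acme-legacy-utils": {
            "version": "1.0.0",
            "resolved": "https://registry.npmjs.org/acme-legacy-utils/-/acme-legacy-utils-1.0.0.tgz",
        },
        "node_modules/lodash": {
            "version": "4.17.21",
            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
        },
    },
})


def package_name(lock_path):
    """'node_modules/a/node_modules/@s/b' -> '@s/b' (text after the last node_modules/)."""
    return lock_path.rsplit("node_modules/", 1)[-1]


def audit_lockfile(lock_text, internal_names, private_host):
    """Flag packages that must come from the private registry but did not.

    internal_names: exact package names and/or scopes such as "@acme".
    Returns a list of findings; an empty list means the lockfile is clean.
    """
    lock = json.loads(lock_text)
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # the root project entry has no node_modules path
            continue
        name = package_name(path)
        scope = name.split("/", 1)[0] if name.startswith("@") else None
        if name not in internal_names and scope not in internal_names:
            continue
        host = urlparse(meta.get("resolved", "")).hostname or "<missing>"
        if host != private_host:
            findings.append({
                "package": name,
                "version": meta.get("version"),
                "resolved_from": host,
            })
    return findings


if __name__ == "__main__":
    for f in audit_lockfile(SAMPLE_LOCK, {"@acme", "acme-legacy-utils"},
                            "npm.internal.acme.example"):
        print(f"CONFUSION RISK: {f['package']}@{f['version']} from {f['resolved_from']}")
```

The corresponding preventive configuration for the hypothetical scope is a single .npmrc line, `@acme:registry=https://npm.internal.acme.example/`, plus claiming the @acme organization on the public registry; the audit above is the detective control for the case where someone forgets either step.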

Question 3

What is a Software Bill of Materials (SBOM)?

A) A financial document listing the cost of all software licenses
B) A comprehensive inventory of all components, libraries, and dependencies in a software artifact
C) A build log showing all compilation steps
D) A list of all known vulnerabilities in a software package

Answer: B

An SBOM is analogous to an ingredient list for food. It documents every component included in a software product, with machine-readable identifiers (name, version, and usually a Package URL), enabling rapid vulnerability assessment when new CVEs are disclosed: the question "are we exposed?" becomes a lookup against the inventory instead of a hunt through build systems.

Question 4

In the context of CI/CD security, what is Poisoned Pipeline Execution (PPE)?

A) Executing malicious code by modifying CI/CD pipeline configuration files
B) A denial-of-service attack against build servers
C) Stealing secrets from pipeline logs
D) Installing malware on developer workstations through IDE plugins

Answer: A

PPE involves modifying pipeline configuration files (like .github/workflows/*.yml) to execute malicious commands. Variants include Direct PPE (modifying the pipeline file itself), Indirect PPE (modifying files the pipeline consumes, such as a Makefile, build script, or test configuration), and Public PPE (exploiting pipelines that run on pull requests from forks).

Question 5

Why is referencing GitHub Actions by mutable tags (e.g., uses: actions/checkout@v3) a security risk?

A) Tags cannot be verified by GitHub's security infrastructure
B) The action author can change what the tag points to at any time, potentially replacing the action with malicious code
C) Tags are slower to resolve than commit SHAs
D) Tags cannot be cached by the runner, causing repeated downloads

Answer: B

Mutable tags like v3 can be moved by the action author to point to different commits. An attacker who compromises the action's repository or the maintainer's account can redirect the tag to malicious code, and every workflow that references the tag picks it up on its next run; this is exactly what happened in the tj-actions/changed-files compromise of March 2025, where version tags were repointed at a commit that dumped runner memory, including secrets, into build logs. Pinning to a specific commit SHA (e.g., uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab, with the human-readable version in a trailing comment) provides an immutable reference; Dependabot and Renovate can keep pinned SHAs current. Note that pinning covers only the top-level action: a composite action can itself reference other actions by mutable tag, so the transitive graph also needs review.

Question 6

What is the primary purpose of SLSA (Supply-chain Levels for Software Artifacts)?

A) To encrypt software during distribution
B) To provide a framework for achieving verifiable build provenance and supply chain integrity
C) To replace code signing with a new cryptographic standard
D) To standardize the format of vulnerability reports

Answer: B

SLSA provides a structured framework of increasing assurance levels for supply chain security, focusing on build provenance (who built what, when, from which source, and how) and on the integrity of the build platform that produced it. SLSA v0.1 defined four levels (1 through 4); the current v1.0 specification is organized into tracks, with the Build track defining levels L0 through L3, where L1 means provenance exists, L2 means a hosted build platform signed it, and L3 adds hardened, isolated builds.

Question 7

What role does the Rekor transparency log play in the Sigstore ecosystem?

A) It stores private signing keys securely
B) It records all signing events, enabling public verification of artifact signatures
C) It generates signing certificates
D) It scans signed artifacts for vulnerabilities

Answer: B

Rekor is a transparency log that records every signing event in the Sigstore ecosystem as an entry in an append-only Merkle tree. This creates a tamper-evident, publicly auditable record of all signatures. It is what makes Sigstore's "keyless" flow work: Fulcio issues a signing certificate that is valid for only minutes, and a verifier later checks that the signature was logged in Rekor while the certificate was valid, so nobody has to manage or protect long-lived signing keys.
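The property a Rekor client actually checks is membership: given a log entry, an inclusion proof and the log's published root hash, the client recomputes the root and compares. Rekor's tree uses the RFC 6962 hashing scheme (leaves prefixed with 0x00, interior nodes with 0x01) and the RFC 6962/9162 inclusion-proof verification procedure. The block below is an added example written for this quiz, not Rekor's code; it builds a small tree over constructed entries, generates an audit path, and verifies it with the RFC procedure. What it does not show is verification of the signature on the log's checkpoint (signed tree head), which binds the root hash to the log operator; in practice that check comes first.

```python
import hashlib

LEAF_PREFIX = b"\x00"   # RFC 6962 domain separation for leaf hashes
NODE_PREFIX = b"\x01"   # ... and for interior node hashes


def hash_leaf(data):
    return hashlib.sha256(LEAF_PREFIX + data).digest()


def hash_node(left, right):
    return hashlib.sha256(NODE_PREFIX + left + right).digest()


def largest_power_of_two_below(n):
    """Largest k = 2^i with k < n (the RFC 6962 split point)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def merkle_root(leaves):
    """Root hash of an RFC 6962 tree over the given leaf entries."""
    if not leaves:
        return hashlib.sha256(b"").digest()
    if len(leaves) == 1:
        return hash_leaf(leaves[0])
    k = largest_power_of_two_below(len(leaves))
    return hash_node(merkle_root(leaves[:k]), merkle_root(leaves[k:]))


def inclusion_proof(leaves, index):
    """Audit path (sibling hashes, leaf towards root) for leaves[index]."""
    if len(leaves) <= 1:
        return []
    k = largest_power_of_two_below(len(leaves))
    if index < k:
        return inclusion_proof(leaves[:k], index) + [merkle_root(leaves[k:])]
    return inclusion_proof(leaves[k:], index - k) + [merkle_root(leaves[:k])]


def verify_inclusion(leaf_data, index, tree_size, proof, expected_root):
    """RFC 9162 section 2.1.3.2 inclusion-proof verification.

    This is the check a Rekor client performs after fetching an entry:
    the entry plus its audit path must reproduce the root hash published
    in the (separately signed) checkpoint.
    """
    if index >= tree_size:
        return False
    r = hash_leaf(leaf_data)
    fn, sn = index, tree_size - 1
    for p in proof:
        if sn == 0:
            return False            # proof is longer than the tree allows
        if fn & 1 or fn == sn:
            r = hash_node(p, r)     # sibling is on the left
            if not fn & 1:          # fn == sn case: skip levels with no right sibling
                while fn != 0 and not fn & 1:
                    fn >>= 1
                    sn >>= 1
        else:
            r = hash_node(r, p)     # sibling is on the right
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == expected_root


# Constructed log entries standing in for serialised Rekor entries.
SAMPLE_LEAVES = [f"constructed-entry-{i}".encode() for i in range(5)]


if __name__ == "__main__":
    root = merkle_root(SAMPLE_LEAVES)
    proof = inclusion_proof(SAMPLE_LEAVES, 3)
    print("root:", root.hex())
    print("entry 3 included:", verify_inclusion(SAMPLE_LEAVES[3], 3, len(SAMPLE_LEAVES), proof, root))
    print("forged entry included:", verify_inclusion(b"forged", 3, len(SAMPLE_LEAVES), proof, root))
```

The leaf/node prefixes are not decoration: without domain separation an attacker could present an interior node's children as a "leaf" and forge a proof for data that was never logged.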

Question 8

Which SBOM format was originally designed specifically for security use cases?

A) SPDX
B) CycloneDX
C) SWID
D) npm package.json

Answer: B

CycloneDX was designed by OWASP specifically for security use cases. It supports vulnerability attribution (VEX), service definitions, and formulation (build process documentation). SPDX was originally focused on license compliance, though it has since expanded to include security features. SWID tags (ISO/IEC 19770-2) are software identification tags for installed-software inventory, and package.json describes a single npm package's declared dependencies, not a resolved inventory of an artifact.

Question 9

What is a reproducible build?

A) A build that produces the same test results every time
B) A build that can be repeated on any developer's machine
C) A build that produces bit-for-bit identical output given the same source, environment, and instructions
D) A build that generates identical documentation each time

Answer: C

Reproducible builds produce bit-for-bit identical binary artifacts from the same source, the same build environment, and the same build instructions (the Reproducible Builds project's definition). This allows independent parties to rebuild and compare: if a distributed binary matches what they get from the claimed source, the build system that produced it could not have inserted anything. In practice this means removing every input that is not derived from the source: timestamps (pinned via SOURCE_DATE_EPOCH), file ordering, user and host names, and build paths.
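The sources of non-determinism listed above are easiest to see in the simplest possible artifact, a tarball. The block below is an added example for this quiz (not from any build tool): it packs a constructed source tree twice, simulating two builders running at different times, once the naive way and once with every non-source input normalized (sorted entry order, SOURCE_DATE_EPOCH as every mtime including the one in the gzip header, fixed ownership). The file names and timestamp are hypothetical.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed source tree (path -> contents); names are hypothetical.
SOURCE_FILES = {
    "src/main.c": b"int main(void) { return 0; }\n",
    "README.md": b"# demo\n",
    "src/util.h": b"#pragma once\n",
}

# A real build would take this from the last commit's timestamp; pinned here.
SOURCE_DATE_EPOCH = 1700000000


def build_archive(files, clock, deterministic):
    """Pack `files` into a .tar.gz and return the bytes.

    clock: the wall-clock time (seconds) a naive build would stamp into headers.
    deterministic=False mimics the naive build: insertion order, current time,
    the builder's uid/username. deterministic=True normalizes every input that
    is not derived from the source itself.
    """
    buf = io.BytesIO()
    # gzip stores a timestamp in its own header, so it has to be pinned too;
    # tarfile.open(mode="w:gz") would silently stamp the current time here.
    with gzip.GzipFile(fileobj=buf, mode="wb",
                       mtime=SOURCE_DATE_EPOCH if deterministic else clock) as gz:
        with tarfile.open(fileobj=gz, mode="w", format=tarfile.PAX_FORMAT) as tar:
            names = sorted(files) if deterministic else list(files)
            for name in names:
                data = files[name]
                info = tarfile.TarInfo(name)
                info.size = len(data)
                info.mode = 0o644
                if deterministic:
                    info.mtime = SOURCE_DATE_EPOCH
                    info.uid = info.gid = 0
                    info.uname = info.gname = ""
                else:
                    info.mtime = clock
                    info.uid, info.uname = 1000, "builder"  # host-specific leakage
                tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def digest(data):
    return hashlib.sha256(data).hexdigest()


def independently_reproducible(files, deterministic):
    """Simulate two builders at different times and compare their outputs."""
    first = build_archive(files, clock=1_700_100_000, deterministic=deterministic)
    second = build_archive(files, clock=1_700_200_000, deterministic=deterministic)
    return digest(first) == digest(second)


def archive_members(data):
    """Member names in archive order, to confirm the normalized archive is still intact."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        return [m.name for m in tar.getmembers()]


if __name__ == "__main__":
    print("naive build reproducible:     ", independently_reproducible(SOURCE_FILES, False))
    print("normalized build reproducible:", independently_reproducible(SOURCE_FILES, True))
```

Real toolchains have more of these inputs (compiler-embedded paths and dates, link order, parallelism), and the diffoscope tool from the Reproducible Builds project is the standard way to find which one broke reproducibility.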

Question 10

What does the OpenSSF Scorecard tool evaluate?

A) The financial health of open-source project maintainers
B) The code quality and test coverage of open-source projects
C) The security practices and posture of open-source projects
D) The performance benchmarks of open-source libraries

Answer: C

OpenSSF Scorecard evaluates security practices including branch protection rules, CI/CD configuration security (such as pinned dependencies and token permissions), code review requirements, vulnerability disclosure processes, dependency update practices, and signed releases, producing a per-check score from 0 to 10.

Question 11

Which of the following is NOT one of the attacks that The Update Framework (TUF) is designed to prevent?

A) Rollback attacks (providing an older, vulnerable version)
B) Dependency confusion attacks
C) Indefinite freeze attacks (preventing clients from learning about updates)
D) Arbitrary software installation (convincing clients to install malware)

Answer: B

TUF addresses attacks specific to software update systems: arbitrary software installation, rollback attacks, indefinite freeze attacks, and mix-and-match attacks. It does so with signed, versioned, expiring metadata for separate roles (root, targets, snapshot, timestamp), each with a key threshold, so a client rejects metadata that is not signed by enough role keys, has a lower version than what it already trusts, or has passed its expiry. Dependency confusion is a separate attack vector related to package manager resolution behavior, not to the update mechanism.
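The three client-side checks described above (signature threshold, monotonic version, expiry) are what stop arbitrary installation, rollback and freeze respectively. The block below is an added example written for this quiz, not code from the TUF reference implementation; it stands in HMAC for the role's asymmetric signatures so that it runs without a crypto library, uses constructed key material, and shows each attack being rejected in the order the TUF client workflow specifies. It omits the snapshot/timestamp consistency checks a full client also performs.

```python
import hashlib
import hmac
import json

# Stand-in for the role's public keys: HMAC secrets keyed by keyid. Real TUF
# uses asymmetric signatures (ed25519/ECDSA/RSA); HMAC is used only so this
# example runs stand-alone. All key material here is constructed.
KEYS = {"key-a": b"constructed-secret-a", "key-b": b"constructed-secret-b"}
TARGETS_ROLE = {"keyids": ["key-a", "key-b"], "threshold": 2}


def canonical(meta):
    """Stable encoding so signer and verifier hash identical bytes."""
    return json.dumps(meta, sort_keys=True, separators=(",", ":")).encode()


def sign(meta, keyid):
    sig = hmac.new(KEYS[keyid], canonical(meta), hashlib.sha256).hexdigest()
    return {"keyid": keyid, "sig": sig}


def signed_metadata(version, expires, signer_keyids, targets=None):
    """Build a TUF-style {"signed": ..., "signatures": [...]} targets document."""
    meta = {"_type": "targets", "version": version, "expires": expires,
            "targets": targets or {}}
    return {"signed": meta, "signatures": [sign(meta, k) for k in signer_keyids]}


def check_update(trusted, candidate, role, now):
    """Return None if `candidate` may replace `trusted`, else the rejection reason.

    Order follows the TUF client workflow: signatures, then version, then expiry.
    """
    meta = candidate["signed"]
    payload = canonical(meta)
    valid = set()
    for s in candidate["signatures"]:
        kid = s["keyid"]
        if kid not in role["keyids"] or kid not in KEYS:
            continue                      # signatures from non-role keys are ignored
        expected = hmac.new(KEYS[kid], payload, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, s["sig"]):
            valid.add(kid)                # a set: two signatures by one key count once
    if len(valid) < role["threshold"]:
        return f"threshold not met ({len(valid)}/{role['threshold']}): arbitrary-install defense"
    if meta["version"] < trusted["signed"]["version"]:
        return "rollback: candidate version is older than trusted metadata"
    if meta["expires"] <= now:
        return "expired metadata: freeze-attack defense"
    return None


if __name__ == "__main__":
    now = 1000
    trusted = signed_metadata(5, 2000, ["key-a", "key-b"])
    for label, cand in [
        ("fresh", signed_metadata(6, 3000, ["key-a", "key-b"])),
        ("rollback", signed_metadata(4, 3000, ["key-a", "key-b"])),
        ("stale", signed_metadata(6, 900, ["key-a", "key-b"])),
        ("one-key", signed_metadata(6, 3000, ["key-a"])),
    ]:
        print(label, "->", check_update(trusted, cand, TARGETS_ROLE, now))
```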

Question 12

What is the pull_request_target event in GitHub Actions, and why is it a security concern?

A) It triggers workflows on the target repository's default branch but can be abused to access secrets with untrusted fork code
B) It sends pull request data to a third-party target server
C) It allows targeting specific pull requests for automated merging
D) It triggers workflows only on trusted contributor pull requests

Answer: A

The pull_request_target event runs the workflow definition from the base repository, in the base repository's context (with access to secrets and a write-capable GITHUB_TOKEN), even when triggered by a pull request from a fork. That is safe as long as the workflow never executes the fork's content. If the workflow checks out the pull request's head (ref: ${{ github.event.pull_request.head.sha }}) and then builds, tests, or installs it, an attacker can execute arbitrary code with access to the base repository's secrets. The fixes are to use the plain pull_request event for anything that runs untrusted code (no secrets, read-only token), or to split privileged work into a separate workflow_run workflow that consumes artifacts from the untrusted one without executing its code.
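Both risks from Questions 5 and 12 are visible in the workflow text, so they can be caught before merge. The block below is an added example written for this quiz, not code from GitHub or from any existing linter; it scans a constructed workflow for actions not pinned to a full commit SHA and for the dangerous combination of pull_request_target with a checkout of the fork's head. It is line-oriented so it needs no YAML library; the commit SHA in the sample is a placeholder, not a real commit, and the job and secret names are hypothetical.

```python
import re

# Constructed workflow. The 40-hex value on setup-node is a placeholder SHA.
SAMPLE_WORKFLOW = """\
name: ci
on:
  pull_request_target:
    types: [opened, synchronize]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v3 (placeholder SHA)
      - uses: ./.github/actions/internal-setup
      - run: npm ci && npm test
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
"""

FULL_SHA = re.compile(r"^[0-9a-f]{40}$")
USES = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# Matches the trigger as a mapping key ("  pull_request_target:") or in a list ("on: [push, pull_request_target]").
TRIGGER = re.compile(r"^\s*(-\s*)?pull_request_target\b|^\s*on:.*\bpull_request_target\b", re.M)
FORK_HEAD = re.compile(r"github\.event\.pull_request\.head\.(sha|ref)")


def lint_workflow(text):
    """Return (line_number, rule, detail) findings for a GitHub Actions workflow.

    Line-oriented on purpose so it runs without a YAML library; a production
    check (e.g. the zizmor auditor, or a YAML-aware script) should parse the
    document so that multi-line and quoted forms are handled.
    """
    findings = []
    privileged = bool(TRIGGER.search(text))   # base-repo context, secrets available
    for num, line in enumerate(text.splitlines(), 1):
        m = USES.match(line)
        if m:
            ref = m.group(1)
            if ref.startswith(("./", "docker://")):
                continue   # local path, or an image (pin those by digest instead)
            action, _, version = ref.rpartition("@")
            if not action:
                findings.append((num, "unpinned", ref))
            elif not FULL_SHA.match(version):
                findings.append((num, "mutable-ref", ref))
        if privileged and FORK_HEAD.search(line):
            findings.append((num, "pull_request_target-checks-out-fork", line.strip()))
    return findings


if __name__ == "__main__":
    for num, rule, detail in lint_workflow(SAMPLE_WORKFLOW):
        print(f"line {num}: {rule}: {detail}")
```

Two findings come back for the sample: `actions/checkout@v3` on line 9 (mutable tag) and the head-ref checkout on line 11 under a pull_request_target trigger. The `npm ci` on line 14 is what turns the second finding into code execution with NPM_TOKEN in the environment: install scripts in the fork's package.json run with the base repository's secrets.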

Question 13

In the context of supply chain security, what is "typosquatting"?

A) Registering domain names similar to popular websites for phishing
B) Registering packages with names similar to popular legitimate packages, hoping developers will accidentally install the malicious version
C) Intentionally introducing typos into source code to create vulnerabilities
D) Using keyboard logging to capture mistyped passwords

Answer: B

Typosquatting in package management involves registering packages with names similar to popular ones (e.g., crossenv instead of cross-env, an npm incident from 2017). Developers who mistype package names during installation may inadvertently install the malicious package.

Question 14

Executive Order 14028 requires what specific supply chain security measure for software sold to the U.S. federal government?

A) All software must be open source
B) Software vendors must provide Software Bills of Materials (SBOMs)
C) All software must be built using reproducible builds
D) Software must be signed with government-issued certificates

Answer: B

Executive Order 14028 (May 2021), Improving the Nation's Cybersecurity, directed NIST and OMB to establish requirements that software vendors selling to the federal government provide SBOMs for their products, enabling the government to quickly assess exposure when new vulnerabilities are discovered. The order itself sets the mandate; the detailed formats and attestation process came through the NTIA minimum-elements guidance and subsequent OMB memoranda.

Question 15

What is the primary risk of using a package maintained by a single developer?

A) The package is likely to contain more bugs
B) Single-developer packages cannot be used in enterprise environments
C) A "bus factor" of one creates risk of abandonment, compromise, or inability to patch vulnerabilities
D) Single developers cannot obtain code signing certificates

Answer: C

A bus factor of one means that if the sole maintainer becomes unavailable (through burnout, career change, or compromise of their account), the package may not receive security patches and could become a supply chain risk for all downstream consumers.

Question 16

Which tool would you use to scan a CycloneDX SBOM for known vulnerabilities?

A) Cosign
B) Grype
C) Rekor
D) Sigstore

Answer: B

Grype is a vulnerability scanner that can take an SBOM in CycloneDX or SPDX format as its input (grype sbom:./bom.json) and match each component's name and version against known vulnerability databases. Trivy and OSV-Scanner can do the same. Cosign and Rekor are Sigstore components for signing and logging artifacts, and Sigstore is the umbrella project; none of them scans for vulnerabilities.
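What a scanner like Grype does with an SBOM (Questions 3, 8 and 16) is mechanical: parse the components, take each one's Package URL as its identity, and test the version against the affected ranges in an advisory feed. The block below is an added example written for this quiz, not Grype's code. The SBOM is a constructed CycloneDX 1.5 document, the advisory entries are placeholders with made-up IDs (not real CVEs), and the version parser handles numeric dotted versions only, which is an assumption stated in the code.

```python
import json
import re
from urllib.parse import unquote

# Constructed CycloneDX 1.5 JSON SBOM; the versions were chosen for the demo.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "library", "name": "lodash", "version": "4.17.20", "purl": "pkg:npm/lodash@4.17.20"},
        {"type": "library", "name": "express", "version": "4.18.2", "purl": "pkg:npm/express@4.18.2"},
        {"type": "library", "group": "@acme", "name": "auth-client", "version": "2.4.1",
         "purl": "pkg:npm/%40acme/auth-client@2.4.1"},
        {"type": "library", "name": "requests", "version": "2.31.0", "purl": "pkg:pypi/requests@2.31.0"},
    ],
})

# Constructed advisory feed. The IDs are placeholders, NOT real CVEs; a real
# scanner pulls this data from NVD, the GitHub Advisory Database, OSV, etc.
VULN_DB = [
    {"id": "EXAMPLE-0001", "ecosystem": "npm", "name": "lodash", "affected": "<4.17.21", "fixed": "4.17.21"},
    {"id": "EXAMPLE-0002", "ecosystem": "npm", "name": "express", "affected": ">=4.0.0,<4.17.0", "fixed": "4.17.0"},
    {"id": "EXAMPLE-0003", "ecosystem": "pypi", "name": "requests", "affected": "<2.31.0", "fixed": "2.31.0"},
]

_OPS = {
    ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
    ">": lambda a, b: a > b, "<": lambda a, b: a < b, "==": lambda a, b: a == b,
}


def parse_version(v):
    """Numeric dotted core only (assumption: pre-release/build suffixes are ignored)."""
    m = re.match(r"\d+(?:\.\d+)*", v)
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    parts = [int(p) for p in m.group(0).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def satisfies(version, spec):
    """True if `version` lies in every comma-separated clause of `spec`."""
    v = parse_version(version)
    for clause in spec.split(","):
        op, bound = re.match(r"\s*(>=|<=|==|>|<)\s*(\S+)", clause).groups()
        if not _OPS[op](v, parse_version(bound)):
            return False
    return True


def purl_parts(purl):
    """'pkg:npm/%40acme/x@1.0' -> ('npm', '@acme/x', '1.0'); qualifiers and subpath dropped."""
    m = re.match(r"pkg:([^/]+)/(.+?)(?:@([^?#]+))?(?:[?#].*)?$", purl)
    if not m:
        raise ValueError(f"not a purl: {purl!r}")
    ptype, name, version = m.groups()
    return ptype.lower(), unquote(name), version


def scan_sbom(sbom_text, vuln_db):
    """Match every purl-identified component against the advisory feed."""
    sbom = json.loads(sbom_text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("expected a CycloneDX document")
    matches = []
    for comp in sbom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            continue   # without a purl there is no reliable identity to match on
        ecosystem, name, version = purl_parts(purl)
        version = version or comp.get("version")
        for vuln in vuln_db:
            if (vuln["ecosystem"], vuln["name"]) == (ecosystem, name) and satisfies(version, vuln["affected"]):
                matches.append({"id": vuln["id"], "component": f"{name}@{version}", "fixed_in": vuln["fixed"]})
    return matches


if __name__ == "__main__":
    for m in scan_sbom(SAMPLE_SBOM, VULN_DB):
        print(f"{m['id']}: {m['component']} (fixed in {m['fixed_in']})")
```

The component without a purl is skipped deliberately: name-only matching across ecosystems produces false positives (the same name can exist on npm and PyPI as unrelated packages), which is why SBOM quality, specifically purl coverage, determines scanner quality.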

Question 17

What is the in-toto framework designed to verify?

A) The integrity of individual package signatures
B) The integrity of the entire software supply chain, ensuring all expected steps were performed by authorized parties
C) The authenticity of Docker container images
D) The correctness of SBOM data

Answer: B

in-toto verifies the complete supply chain. A signed layout declares the expected steps (coding, review, building, testing) and the keys authorized to perform each one; every step produces signed link metadata recording its materials (inputs) and products (outputs). Verification checks that every step was performed by an authorized key, in the expected order, and that the products of one step match the materials of the next, so an artifact substituted between steps is detected. The in-toto attestation format (a Statement with a subject and a predicate) is also the envelope SLSA provenance is carried in.
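The consumer-side check for Questions 6 and 17 is a policy decision over an attestation: is the artifact I hold the subject of this statement, did a builder I trust produce it, and did the build start from the repository and commit I expect. The block below is an added example written for this quiz, not code from slsa-verifier, cosign, or in-toto. The artifact, the builder ID, the build type and the repository are hypothetical, and the statement follows the in-toto Statement v1 / SLSA Provenance v1 layout; where the source reference lives inside externalParameters is build-type specific, so the "source" key used here is this hypothetical build type's convention. It assumes the DSSE envelope signature around the statement has already been verified.

```python
import hashlib

# Constructed artifact; in practice this is the downloaded release file.
ARTIFACT = b"constructed release payload\n"

POLICY = {
    "trusted_builders": {"https://ci.acme.example/builders/slsa3@v1"},  # hypothetical builder ID
    "source_repo": "git+https://github.com/acme/app",                    # hypothetical repository
    "predicate_types": {"https://slsa.dev/provenance/v1"},
}


def make_statement(artifact=ARTIFACT,
                   builder_id="https://ci.acme.example/builders/slsa3@v1",
                   source_uri="git+https://github.com/acme/app@refs/tags/v1.4.0"):
    """Constructed in-toto Statement v1 carrying SLSA Provenance v1 (hypothetical values)."""
    return {
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": "app-1.4.0.tar.gz",
                     "digest": {"sha256": hashlib.sha256(artifact).hexdigest()}}],
        "predicateType": "https://slsa.dev/provenance/v1",
        "predicate": {
            "buildDefinition": {
                "buildType": "https://ci.acme.example/buildtypes/container@v1",
                "externalParameters": {
                    "source": {"uri": source_uri,
                               "digest": {"gitCommit": "0123456789abcdef0123456789abcdef01234567"}},
                },
                "resolvedDependencies": [{"uri": "pkg:npm/lodash@4.17.21"}],
            },
            "runDetails": {"builder": {"id": builder_id}},
        },
    }


STATEMENT = make_statement()


def verify_provenance(statement, artifact, policy):
    """Return a list of policy violations; an empty list means the artifact is accepted.

    Assumes the DSSE envelope signature has ALREADY been verified against the
    builder's key or Sigstore certificate; this function checks the claims only.
    """
    problems = []
    if statement.get("_type") != "https://in-toto.io/Statement/v1":
        problems.append("not an in-toto v1 Statement")
    if statement.get("predicateType") not in policy["predicate_types"]:
        problems.append(f"unexpected predicateType {statement.get('predicateType')!r}")

    # 1. The artifact we hold must be one of the statement's subjects.
    actual = hashlib.sha256(artifact).hexdigest()
    if not any(s.get("digest", {}).get("sha256") == actual for s in statement.get("subject", [])):
        problems.append("artifact digest is not a subject of this provenance")

    pred = statement.get("predicate", {})
    # 2. Only builders we trust may vouch for the artifact.
    builder = pred.get("runDetails", {}).get("builder", {}).get("id")
    if builder not in policy["trusted_builders"]:
        problems.append(f"untrusted builder {builder!r}")

    # 3. The build must have started from the expected repository, at a recorded commit.
    #    An exact match or "<repo>@<ref>" is accepted; "<repo>-fork@..." is not.
    source = pred.get("buildDefinition", {}).get("externalParameters", {}).get("source", {})
    uri = source.get("uri", "")
    if not (uri == policy["source_repo"] or uri.startswith(policy["source_repo"] + "@")):
        problems.append(f"unexpected source {uri!r}")
    if not source.get("digest", {}).get("gitCommit"):
        problems.append("source commit not recorded")
    return problems


if __name__ == "__main__":
    print("genuine:", verify_provenance(STATEMENT, ARTIFACT, POLICY) or "accepted")
    print("tampered:", verify_provenance(STATEMENT, b"tampered", POLICY))
```

The subject check is the one people skip: a valid, trusted provenance for a different artifact proves nothing about the file in hand, which is why tools take the artifact path as input and hash it themselves rather than trusting a digest supplied alongside.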

Question 18

Which of the following is an emerging supply chain risk specific to AI/ML systems?

A) Prompt injection through manipulated training data
B) Pickle deserialization attacks via compromised pre-trained models
C) Buffer overflow in GPU drivers
D) SQL injection in model serving APIs

Answer: B

Many ML frameworks use Python's pickle serialization for model files, and pickle can execute arbitrary code during deserialization: a pickle stream is a small program, and the REDUCE opcode calls whatever callable the stream names. A compromised pre-trained model distributed through a model hub such as Hugging Face therefore executes attacker code the moment a researcher or application loads it, before any weight is used. Mitigations are to distribute weights in a data-only format such as safetensors, to load pickles only with a restricted unpickler (for example torch.load with weights_only=True), and to scan model files for disallowed imports before loading them.
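The scan mentioned above works because pickle can be disassembled without being executed: pickletools.genops yields the opcode stream, and the only way a pickle can reach code is through the GLOBAL (protocol 3 and below) or STACK_GLOBAL (protocol 4 and above) opcodes that import a module attribute. The block below is an added example written for this quiz, not the picklescan tool or any framework's loader. It builds a constructed benign "weights" pickle and a constructed malicious one whose __reduce__ names os.system (serialising it runs nothing), and refuses to unpickle anything that imports a global outside an allowlist.

```python
import os
import pickle
import pickletools

# Globals a plain weights-style pickle legitimately needs. Anything else
# (os.system, subprocess.*, builtins.eval, ...) is rejected. An allowlist,
# because a blocklist is bypassed by any alias module that re-exports the call.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}

# Opcodes that push a string constant; STACK_GLOBAL takes its module/name from these.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def scan_pickle(data, allowed=SAFE_GLOBALS):
    """Walk the opcode stream WITHOUT unpickling and return disallowed imports.

    Each finding is (module, name, byte_offset). Simplification: STACK_GLOBAL
    is resolved from the two most recent string constants, which is what
    pickle.dumps emits; a memoised (BINGET) operand would need full stack tracking.
    """
    recent_strings = []
    findings = []
    for op, arg, pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            recent_strings.append(arg)
            continue
        if op.name == "GLOBAL":            # protocol <= 3: arg is "module name"
            module, name = arg.split(" ", 1)
        elif op.name == "STACK_GLOBAL":    # protocol >= 4: operands were pushed as strings
            if len(recent_strings) < 2:
                findings.append(("<unresolved>", "<unresolved>", pos))
                continue
            module, name = recent_strings[-2], recent_strings[-1]
        else:
            continue
        if (module, name) not in allowed:
            findings.append((module, name, pos))
    return findings


def safe_loads(data):
    """Unpickle only after the scan comes back clean."""
    bad = scan_pickle(data)
    if bad:
        raise ValueError(f"refusing to unpickle, disallowed globals: {bad}")
    return pickle.loads(data)


class Payload:
    """Constructed malicious 'model' object: unpickling it would run a shell command.
    Note that pickle records the function's __module__, which for os.system is
    'posix' on Linux/macOS and 'nt' on Windows, another reason blocklists fail."""
    def __reduce__(self):
        return (os.system, ("echo compromised",))


# Constructed samples. pickle.dumps only serialises the call; nothing executes here.
BENIGN_PICKLE = pickle.dumps({"weights": [0.1, 0.2, 0.3], "layers": 3}, protocol=4)
MALICIOUS_PICKLE = pickle.dumps(Payload(), protocol=4)
MALICIOUS_PICKLE_P2 = pickle.dumps(Payload(), protocol=2)


if __name__ == "__main__":
    print("benign   :", scan_pickle(BENIGN_PICKLE))
    print("malicious:", scan_pickle(MALICIOUS_PICKLE))
    print("protocol2:", scan_pickle(MALICIOUS_PICKLE_P2))
```

Real model checkpoints reference framework classes (torch storage types, numpy reconstructors), so a production allowlist is longer; the principle is unchanged, and the same scan is what hub-side scanners and weights_only loaders apply.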