312-50V13 · Question #533
312-50V13 Question #533: Real Exam Question with Answer & Explanation
The correct answer is C: Use network segmentation to isolate loMT devices from the main network.. Network Segmentation for IoMT Security Why C is Correct: Network segmentation isolates IoMT devices into their own dedicated network zone, meaning that even if a device is compromised, attackers cannot easily move laterally into the main IT infrastructure or other critical system
Question
You are a cybersecurity consultant for a healthcare organization that utilizes Internet of Medical Things (IoMT) devices, such as connected insulin pumps and heart rate monitors, to provide improved patientcare. Recently, the organization has been targeted by ransomware attacks. While the IT infrastructure was unaffected due to robust security measures, they are worried that the IoMT devices could be potential entry points for future attacks. What would be your main recommendation to protect these devices from such threats?
Options
- AImplement multi-factor authentication for all loMT devices.
- BDisable all wireless connectivity on loMT devices.
- CUse network segmentation to isolate loMT devices from the main network.
- DRegularly change the IP addresses of all loMT devices.
Explanation
Network Segmentation for IoMT Security
Why C is Correct: Network segmentation isolates IoMT devices into their own dedicated network zone, meaning that even if a device is compromised, attackers cannot easily move laterally into the main IT infrastructure or other critical systems - this is called limiting the attack surface. It's the most practical and effective solution because it balances security with the operational need to keep these life-critical devices functioning and connected.
Why the Distractors Are Wrong:
- A (Multi-factor authentication): While useful, many IoMT devices have limited interfaces and processing power, making MFA impractical or impossible to implement on the devices themselves.
- B (Disable wireless connectivity): This would render many IoMT devices non-functional, defeating their entire clinical purpose - connected insulin pumps need connectivity to provide real-time patient care.
- D (Changing IP addresses): This is largely ineffective against ransomware and would create significant network management chaos without meaningfully improving security.
Memory Tip: Think of network segmentation like a hospital ward with locked doors - even if someone gets into one room, they can't access the whole building. For IoMT, the mantra is: "Contain, don't constrain" - keep devices working while limiting their reach into critical systems.
Topics
Community Discussion
No community discussion yet for this question.