312-50V13 · Question #587
As a cybersecurity analyst at IoT Defend, you are working with a large utility company that uses Industrial Control Systems (ICS) in its operational technology (OT) environment. The company has recent
The correct answer is C. Conduct a vulnerability assessment specifically for the IoT devices.. To identify potential vulnerabilities in newly integrated IoT devices within an OT environment, the first recommended action is to conduct a specific vulnerability assessment for these devices.
Question
Options
- AUse stronger encryption algorithms for data transmission between IoT devices.
- BImplement network segmentation to isolate IoT devices from the rest of the network.
- CConduct a vulnerability assessment specifically for the IoT devices.
- DInstall the latest antivirus software on each IoT device.
How the community answered
(44 responses)- A2% (1)
- B5% (2)
- C82% (36)
- D11% (5)
Why each option
To identify potential vulnerabilities in newly integrated IoT devices within an OT environment, the first recommended action is to conduct a specific vulnerability assessment for these devices.
Using stronger encryption is a good security measure, but it's a specific control that should be implemented *after* understanding the full vulnerability landscape of the devices through an assessment.
Network segmentation is a critical security control for isolating IoT/OT devices, but it's a remediation/mitigation step that follows the identification of risks and vulnerabilities.
Before implementing specific security controls, the *first step* in securing new IoT devices in an OT environment is to understand their unique security posture. A dedicated vulnerability assessment for IoT devices will identify inherent weaknesses, misconfigurations, or known exploits that need to be addressed, guiding subsequent security strategies and remediation efforts.
Many IoT devices have limited resources and may not support traditional antivirus software, and even if they could, installing antivirus is a specific control that comes after a comprehensive understanding of vulnerabilities through assessment.
Concept tested: Initial steps in IoT/OT security
Source: https://www.cisco.com/c/en/us/solutions/internet-of-things/iot-security.html
Topics
Community Discussion
No community discussion yet for this question.