A technician is setting up a WiFi-enabled thermostat for a customer, but the customer is concerned about IoT devices getting hacked. Which of the following BEST address the customer's concerns? (Choose two.)
A.
Use the latest encryption standard on the wireless network and set a strong password.
B.
Enable two-factor authentication for the IoT device's cloud account, if it is available.
C.
Separate the IoT thermostat by segregating it in a DMZ network.
D.
Disable wireless access on the thermostat to make it unshakable.
E.
Upgrade the customer's router to the latest version to improve network security.
F.
Upgrade the customer's wireless network encryption to WPA.
DMZ seperate the thermostate network completely from the home network. which means if someone hack to the thermostat, that is all they could see, a thermostat info, but not anything else.
The question isnt how they can secure other devices if it is hacked but how to protect the IOT device itself. DMZ opens it to more attacks. 2 factor makes it more difficult to gain access to the IOT device
AC . If it will be hacked, your whole network will not be affected . The costumer is not concern in the IoT device itself, he is more concerned on his whole network which will be compromise because of the IoT device. The hackers cannot do much harm on that.
These options provide the most effective measures to protect IoT devices from unauthorized access:
A. Use the latest encryption standard on the wireless network and set a strong password: Using the latest Wi-Fi encryption (WPA3, if available) and a strong password significantly improves security by making it harder for attackers to gain unauthorized access to the network.
B. Enable two-factor authentication for the IoT device's cloud account, if it is available: Two-factor authentication adds an extra layer of security to the cloud account associated with the thermostat, helping to protect it from unauthorized access even if the password is compromised.
AB makes more sense with respect to the question - they are concerned about ALL IoT devices, not just the thermostat, and in order to safeguard IoT devices, you would not place them into a DMZ - this would make the IoT devices more vulnerable. The question is not about the rest of the network but just IoT
The concerns with OIT devices being hacked is that they can get access to your network. DMZ uses them as a "honey pot" this is in the A+ Book. So if they can hack a IOT then cannot get into your network. Again I will cite the book, it is a CompTIA A+ exam not a IT exam. So there are many views but we are only concerned with the ComTIA A+ view.
El cliente esta preocupado por que le piraten su dispositivo IoT y a su vez los recursos de la red, pero como tecnico debemos darle la mejor opcion. A,C.
My way of thinking is IoT devices are mostly input. Like the thermostat. So, even if access is gained, there is no output the device could give. Now, an Alexa, or Google play? I dont think i would want that device in the DMZ, or my door locks or garage door opener. I would want multifactor for sure. Just my thoughts.
The concern of the client is SPECIFICALLY about iot devices, not about is LAN, so how place the iot in a DMZ could ever be a right answer. It actually expose what he want to protect. Total nonsense
Believe it or not, isolating the IOT devices from your network by using DMZ is a security recommendation of IOT devices. This ensures your LAN is safe if anything happens regarding these IOT devices. Because the security of these devices are already questionable in some cases, not having them inside the network, and having them outside of it safeguards the network.
The answer is definitely A and B like user54321 said. DMZ is about exposing a network to the public away from any protection such as firewall, IPS, e.t.c. There is no way C could have been a right answer.
I think it's B and E. C is incorrect like user54321 says.
It says the thermostat is wifi-enabled, not that the user wants to use this function. So turning this function off will prevent hacking.
Encryption will prevent your data (password) from being read, but won't prevent a brute-force. 2FA will prevent that.
It would stop unauthorized access, but i assumed that if we are setting up a wifi enabled thermostat for a customer that's what the customer's asked us to do. However this is an assumption.
WPA2 (what i assume they mean by latest encryption standard as theres not much mention of WPA3 in questions so far) with a strong password will usually be plenty to stop a brute force attack. If you've ever tried to crack a WPA2 handshake you'll know it's virtually impossible to brute force it, hashcat usually estimates "next big bang" as estimated run time. The combination of this and 2FA on the device's cloud account should stop almost all attacks on the that don't rely on convincing the user to give you the password.
Either B and D or A and B would stop unauthorized access to the device but if we use D it would see to defeat the purpose of the device.
iOT devices get hacked not by brute force but rather firmware that never gets upgraded so the base OS/Firmware is what is hackable. iOT devices get pwned because of unpatched easily exposed services and protocols and not 2MFA. We are not hacking by loggin in lol but rather using iOT devices to run Mira botnet and similar
upvoted 1 times
...
...
...
...
This section is not available anymore. Please use the main Exam Page.220-1001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
user54321
Highly Voted 4 years, 1 month agocaydan19
3 years, 4 months agodalg91
3 years, 3 months agojon21891
Highly Voted 3 years, 9 months agoCloudChef
Most Recent 7 months, 2 weeks agosaav07
1 year, 1 month agoJolly_7
1 year, 2 months agoFengs
2 years, 3 months agoRockm0uld
2 years, 11 months agoDarthBane
3 years, 3 months agoToro32
3 years, 5 months agoGilber507
3 years, 8 months agoGranddude
3 years, 9 months agoMastro_Grim
3 years, 9 months agoMindyTeflon
3 years, 10 months agoPrtu
3 years, 11 months agoJE39
4 years agoMastro_Grim
3 years, 9 months agothankGod
4 years, 1 month agoFrood44
4 years, 1 month agoFrood44
4 years, 1 month agouser54321
4 years agoGeezup
3 years, 8 months ago