A company wants to use loT devices to manage and monitor thermostats at all facilities The thermostats must receive vendor security updates and limit access to other devices within the organization.

A company wants to use loT devices to manage and monitor thermostats at all facilities The thermostats must receive vendor security updates and limit access to other devices within the organization.

Which of the following best addresses the company’s requirements”
A . Only allowing Internet access to a set of specific domains
B . Operating lot devices on a separate network with no access to other devices internally
C . Only allowing operation for loT devices during a specified time window
D . Configuring IoT devices to always allow automatic updates

View Answer

Answer: B

Explanation:

The best approach for managing and monitoring IoT devices, such as thermostats, is to operate them on a separate network with no access to other internal devices. This segmentation ensures that the IoT devices are isolated from the main network, reducing the risk of potential security breaches affecting other critical systems. Additionally, this setup allows for secure vendor updates without exposing the broader network to potential vulnerabilities inherent in IoT devices.

References:

CompTIA SecurityX Study Guide: Recommends network segmentation for IoT devices to minimize security risks.

NIST Special Publication 800-183, "Network of Things": Advises on the isolation of IoT devices to enhance security.

"Practical IoT Security" by Brian Russell and Drew Van Duren: Discusses best practices for securing IoT devices, including network segmentation.