A technician is setting up a WiFi-enabled thermostat for a customer, but the customer is concerned about IoT devices getting hacked.
Which of the following BEST address the customer’s concerns? (Choose two.)
A. Use the latest encryption standard on the wireless network and set a strong password.
B. Enable two-factor authentication for the IoT device’s cloud account, if it is available.
C. Separate the IoT thermostat by segregating it in a DMZ network.
D. Disable wireless access on the thermostat to make it unshakable.
E. Upgrade the customer’s router to the latest version to improve network security.
F. Upgrade the customer’s wireless network encryption to WPA.
CompTIA A+ 220-1101 (Core 1) ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
Agreed . DMZ should be used where it is necessary to expose a device to the WAN and reduce risk to devices by having them on the LAN side of the firewall away from the DMZ. purposely moving the IoT to the DMZ is the surest way to get hacked as the device will most likely have less defence as opposed to a Server or Firewall and will likely be compromised. Well done to CHompTIA again for teaching students to do the wrong thing. Epic Fail
I’m thinking this should be A and B
in regards to C …
In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network or screened subnet) is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet.
—–
that kind of seems like the worst thing to do if the client is worried about security.