CompTIA CASP+ (CAS-004) — Question 394

A security analyst discovers a new device on the company's dedicated IoT subnet during the most recent vulnerability scan. The scan results show numerous open ports and insecure protocols in addition to default usernames and passwords. A camera needs to transmit video to the security server in the IoT subnet. Which of the following should the security analyst recommend to securely operate the camera?

Answer options

• A. Harden the camera configuration.
• B. Send camera logs to the SIEM.
• C. Encrypt the camera's video stream.
• D. Place the camera on an isolated segment.

Correct answer: A

Explanation

Harden the camera configuration is the correct choice because it directly addresses the vulnerabilities by changing default settings and securing open ports. Sending logs to the SIEM, encrypting the video stream, and isolating the camera are all important security practices, but they do not address the immediate need to secure the camera itself against exploitation through its configuration.