CompTIA SecurityX (CAS-005) — Question 58

A security analyst discovers a new device on the company's dedicated IoT subnet during the most recent vulnerability scan. The scan results show numerous open ports and insecure protocols in addition to default usernames and passwords. A camera needs to transmit video to the security server in the IoT subnet. Which of the following should the security analyst recommend to securely operate the camera?

Answer options

• A. Harden the camera configuration.
• B. Send camera logs to the SIEM.
• C. Encrypt the camera's video stream.
• D. Place the camera on an isolated segment.

Correct answer: A

Explanation

The correct answer is A, as hardening the camera configuration addresses the vulnerabilities by changing default settings and securing open ports. While sending logs to the SIEM or encrypting the video stream (options B and C) are important for monitoring and security, they do not directly mitigate the immediate risks presented by the insecure configuration. Placing the camera on an isolated segment (option D) may help contain potential threats but does not solve the inherent security issues with the device itself.