CompTIA CySA+ (CS0-002) — Question 356

Which of the following are reasons why consumer IoT devices should be avoided in an enterprise environment? (Choose two.)

Answer options

• A. Message queuing telemetry transport does not support encryption.
• B. The devices may have weak or known passwords.
• C. The devices may cause a dramatic increase in wireless network traffic.
• D. The devices may utilize unsecure network protocols.
• E. Multiple devices may interfere with the functions of other IoT devices.
• F. The devices are not compatible with TLS 1.2.

Correct answer: B, D

Explanation

Option B is correct because weak or known passwords can easily be exploited, compromising device security. Option D is also correct as using unsecure network protocols can expose sensitive data and allow unauthorized access. The other options, while they may present issues, do not directly reflect the most critical security concerns in an enterprise environment.