Certified Ethical Hacker (CEH v12) — Question 171

You are a cybersecurity consultant at SecureIoT Inc. A manufacturing company has contracted you to strengthen the security of their Industrial IoT (IIoT) devices used in their operational technology (OT)environment. They are concerned about potential attacks that could disrupt their production lines and compromise safety. They have an advanced firewall system in place, but you know this alone is not enough. Which of the following measures should you suggest to provide comprehensive protection for their IIoT devices?

Answer options

• A. Increase the frequency of changing passwords on all IIoT devices.
• B. Use the same encryption standards for IIoT devices as for IT devices.
• C. Rely on the existing firewall and install antivirus software on each IIoT device.
• D. Implement network segmentation to separate IIoT devices from the rest of the network.

Correct answer: D

Explanation

The correct answer is D because implementing network segmentation helps to isolate IIoT devices from other parts of the network, limiting potential attack vectors and enhancing security. Options A and B do not address the structural vulnerabilities of the network, while option C relies too heavily on existing protections without addressing the specific needs of IIoT devices.