Certified Ethical Hacker (CEH v13) — Question 120
You are a cybersecurity consultant for a healthcare organization that utilizes Internet of Medical Things (IoMT) devices, such as connected insulin pumps and heart rate monitors, to provide improved patient care. Recently, the organization has been targeted by ransomware attacks. While the IT infrastructure was unaffected due to robust security measures, they are worried that the IoMT devices could be potential entry points for future attacks. What would be your main recommendation to protect these devices from such threats?
Answer options
- A. Disable all wireless connectivity on IoMT devices.
- B. Regularly change the IP addresses of all IoMT devices.
- C. Use network segmentation to isolate IoMT devices from the main network.
- D. Implement multi-factor authentication for all IoMT devices.
Correct answer: C
Explanation
The correct answer is C because network segmentation effectively isolates IoMT devices, reducing the risk of lateral movement by attackers if they manage to breach the network. Option A may disrupt device functionality, B does not address security directly, and D, although beneficial, does not provide the same level of protection as segmentation in this specific context.