Certified Ethical Hacker (CEH v13) — Question 143

You are a cybersecurity consultant at SecureIoT Inc. A manufacturing company has contracted you to strengthen the security of their Industrial IoT (IIoT) devices used in their operational technology (OT)environment. They are concerned about potential attacks that could disrupt their production lines and compromise safety. They have an advanced firewall system in place, but you know this alone is not enough. Which of the following measures should you suggest to provide comprehensive protection for their IIoT devices?

Answer options

• A. Increase the frequency of changing passwords on all IIoT devices.
• B. Use the same encryption standards for IIoT devices as for IT devices.
• C. Rely on the existing firewall and install antivirus software on each IIoT device.
• D. Implement network segmentation to separate IIoT devices from the rest of the network.

Correct answer: D

Explanation

The correct option, D, suggests implementing network segmentation, which is crucial for isolating IIoT devices and limiting the potential impact of an attack. Option A, while important for security, does not address the overall architecture of the network. Option B is inadequate as it overlooks the unique security requirements of IIoT devices compared to IT devices. Option C incorrectly assumes that a firewall and antivirus software alone can secure IIoT devices without additional architectural changes.