Certified in Risk and Information Systems Control (CRISC) — Question 1030

Which of the following is the MOST effective in mitigating the risk of rogue Internet of Things (IoT) devices in an organization’s network?

Answer options

• A. Intrusion prevention system (IPS)
• B. Real-time network traffic monitoring
• C. Using a connection-oriented protocol
• D. Documentation of network architecture

Correct answer: B

Explanation

Real-time network traffic monitoring (Option B) is the most effective because it allows for the immediate detection of unauthorized devices and abnormal behavior, enabling quick responses to potential threats. While an Intrusion Prevention System (Option A) can help, it may not catch all rogue devices. Connection-oriented protocols (Option C) and network documentation (Option D) do not actively monitor or mitigate risks associated with rogue IoT devices.