A utility operates older embedded devices in its power distribution network. They cannot receive updates from the manufacturer, and operators worry that malicious traffic could disrupt vital functions. Which approach is most likely to protect these assets while respecting their hardware limitations?
Initiate strict monthly patch cycles to force security updates
Deploy advanced threat software on their operating platforms
Transfer their functionality to hosted off-site equipment
Assign them to a dedicated segment and control inbound and outbound access
Assigning them to a dedicated segment limits incoming and outgoing communication. This type of isolation provides visibility into traffic, which helps defend against unwanted commands. Other approaches, such as deploying modern software on hardware that cannot support it, do not mitigate threats effectively. Moving them to an unfamiliar environment or forcing frequent updates on unsupported hardware creates more security risks rather than preventing them.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to assign devices to a dedicated segment?
Open an interactive chat with Bash
Why can't older embedded devices receive updates from the manufacturer?
Open an interactive chat with Bash
How does isolating embedded devices improve security?