4 votes
A user asks a security practitioner for recommendations on securing a home network. The user recently purchased a connected home assistant and multiple IoT devices in an effort to automate the home. Some of the IoT devices are wearables, and others are installed in the user's automobiles. The current home network is configured as a single flat network behind an ISP-supplied router. The router has a single IP address, and the router performs NAT on incoming traffic to route it to individual devices.

Which of the following security controls would address the user's privacy concerns and provide the BEST level of security for the home network?

A. Ensure all IoT devices are configured in a geofencing mode so the devices do not work when removed from the home network. Disable the home assistant unless actively using it, and segment the network so each IoT device has its own segment.

B. Install a firewall capable of cryptographically separating network traffic, require strong authentication to access all IoT devices, and restrict network access for the home assistant based on time-of-day restrictions.

C. Segment the home network to separate network traffic from users and the IoT devices, ensure security settings on the home assistant support no or limited recording capability, and install firewall rules on the router to restrict traffic to the home assistant as much as possible.

D. Change all default passwords on the IoT devices, disable Internet access for the IoT devices and the home assistant, obtain routable IP addresses for all devices, and implement IPv6 and IPSec protections on all network traffic.

1 Answer

3 votes

Final answer:

The best security approach for the home network is option C, which involves segmenting the network, configuring security settings on the home assistant, and implementing firewall rules.

Step-by-step explanation:

For optimal security of the home network with IoT devices and a connected home assistant, option C is the most effective. Segmenting the network into separate zones for users and IoT devices provides a crucial layer of defense, isolating potential security vulnerabilities. Configuring security settings on the home assistant to limit or eliminate recording capabilities enhances privacy. Additionally, implementing firewall rules on the router is vital to restrict traffic to the home assistant, minimizing the attack surface.

While option B is also robust, involving the installation of a firewall for cryptographic separation, strong authentication requirements, and time-of-day restrictions, option C's emphasis on segmentation provides more granular control over network access. This is especially important given the diverse nature of IoT devices and the varying security implications they may pose. Both options underscore the significance of proactive security measures, but option C's focus on network segmentation aligns closely with best practices for securing interconnected devices in a home environment.

by User Meike, 8.5k points
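To make the segmentation and firewall-rule parts of option C concrete, here is an added example (not part of the original question or answer) that models a default-deny, zone-based policy and compares it with the flat network from the scenario. The subnets, ports, rule set and probe flows are all constructed assumptions; a real router would express the same policy in its own firewall syntax.

```python
import ipaddress

# Constructed addressing plan and port choices: assumptions, not from the page.
ZONES = {
    "users": ipaddress.ip_network("192.168.10.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
    "assistant": ipaddress.ip_network("192.168.30.0/24"),
}

def zone_of(ip):
    """Map an address to its segment; anything else is the Internet side."""
    addr = ipaddress.ip_address(ip)
    return next((z for z, net in ZONES.items() if addr in net), "wan")

# Rules match NEW connections only, first match wins, default deny.
# Replies to allowed connections are assumed to pass statefully.
# (src_zone, dst_zone, proto, dst_port); "*" and None are wildcards.
FLAT = [(z, "*", "*", None) for z in ZONES]  # no enforcement between inside hosts
SEGMENTED = [
    ("users", "wan", "*", None),
    ("users", "iot", "tcp", 443),        # manage devices from the user segment
    ("users", "assistant", "tcp", 443),
    ("iot", "wan", "tcp", 443),          # vendor cloud over TLS only
    ("assistant", "wan", "tcp", 443),    # restrict the assistant as far as possible
]

def allowed(policy, src, dst, proto, port):
    """True if the policy lets src open a new connection to dst."""
    sz, dz = zone_of(src), zone_of(dst)
    for r_src, r_dst, r_proto, r_port in policy:
        if (r_src == sz and r_dst in ("*", dz) and r_proto in ("*", proto)
                and r_port in (None, port)):
            return True
    return False

# Constructed probe flows used to audit the policy for unwanted reachability.
PROBES = [
    ("192.168.20.15", "192.168.10.5", "tcp", 445),   # IoT -> laptop file share
    ("192.168.20.15", "192.168.30.2", "tcp", 8080),  # IoT -> assistant local port
    ("203.0.113.9", "192.168.30.2", "tcp", 443),     # Internet -> assistant
    ("192.168.30.2", "198.51.100.7", "tcp", 23),     # assistant -> non-TLS outbound
]

def exposure(policy):
    """Return the probe flows the policy would let through."""
    return [p for p in PROBES if allowed(policy, *p)]

if __name__ == "__main__":
    print("flat:", exposure(FLAT))
    print("segmented:", exposure(SEGMENTED))
```

The recording setting in option C is a device-side control and is outside what a network policy like this can enforce.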