Certified Cybersecurity Technician IoT and OT Security PDF
Document Details
Uploaded by barrejamesteacher
EC-Council
Summary
This document discusses security principles in IoT-enabled environments. It explains the security of IoT devices and the need for measures to counter attack scenarios. The document details securing network devices and routers in IoT environments.
Full Transcript
Certified Cybersecurity Technician Exam 212-82
IoT and OT Security

Module Flow
▪ Understand IoT Devices, Application Areas, and Communication Models
▪ Discuss the Security in IoT-enabled Environments
▪ Understand OT Concepts, Devices, and Protocols
▪ Discuss the Security in OT-enabled Environments

Discuss the Security in IoT-enabled Environments
The objective of this section is to explain the security principles in IoT-enabled environments.

Module 13 Page 1577 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Security in IoT-enabled Environments
▪ With no or inadequate focus on IoT device security by manufacturers, security measures used to harden the IoT device are often insufficient. Therefore, organizations should focus on countering attack scenarios in IoT-enabled environments.
▪ Organizations should focus on securing network devices and routers in an IoT-enabled environment. This helps restrict the attacker from accessing other parts of the network and performing targeted attacks.
▪ The organization should use multilayered management. An overarching multilayered security plan and constant maintenance are necessary to effectively secure all these disparate IoT devices.
▪ Company-wide collaboration and synchronization are required to secure an IoT-enabled environment.

Because IoT devices are vastly different from each other, the security of devices relies on their type and model. With no or inadequate focus on IoT device security by manufacturers, security measures used for IoT devices often fall short. Therefore, an organization should focus on securing IoT devices and countering attack scenarios in IoT-enabled environments.
An organization can secure IoT devices by changing the default passwords, disabling unused features, updating firmware and applications, and using a legitimate application developed by a reliable vendor in the case of IoT devices that rely on third-party applications.

An adversary uses a compromised IoT device as an entry point to a network and performs a lateral movement attack. For example, a compromised smart printer can infect other systems and devices connected to the same network. A compromised router can spread malware to all the IoT devices connected to it. Therefore, organizations should focus on securing network devices and routers in an IoT-enabled environment. To secure an IoT network and router, the user should map and monitor all the devices, apply network segmentation, ensure a secure network architecture, use routers with in-built firewalls, and disable unnecessary services such as Universal Plug and Play (UPnP). This helps in restricting the attacker from accessing other parts of the network and performing targeted attacks.

An organization should use multi-layered management. To secure all the different IoT devices, an overarching multi-layered security plan and constant maintenance are required. The organization should enforce security solutions that safeguard the IoT devices and detect malware at the endpoint level. It should also use security software that checks the network traffic between routers and connected devices to protect the IoT devices. Further, it should utilize network appliances to monitor all the ports and network protocols for detecting advanced threats and safeguard the IoT devices from targeted attacks.

Company-wide collaboration and synchronization are required to secure an IoT-enabled environment.
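The device and network measures listed above can be checked mechanically against a device inventory. The following Python audit is an added example, not part of the EC-Council courseware; the inventory, addresses, firmware versions and IoT segment are constructed, and treating telnet as an unnecessary service is an assumption (the text names only UPnP).

```python
import ipaddress

# Constructed policy and inventory: every name, address and version here is illustrative.
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/24")    # assumed dedicated IoT segment
LATEST_FIRMWARE = {"cam-x1": (2, 4, 1), "printer-p9": (5, 0, 0), "router-r3": (1, 9, 2)}
UNNEEDED_SERVICES = {"upnp", "telnet"}                # UPnP is from the text; telnet is assumed

INVENTORY = [
    {"name": "lobby-cam", "model": "cam-x1", "ip": "10.20.0.11", "role": "device",
     "default_password": False, "firmware": "2.4.1", "services": ["rtsp"]},
    {"name": "floor2-printer", "model": "printer-p9", "ip": "192.168.1.40", "role": "device",
     "default_password": True, "firmware": "4.8.0", "services": ["ipp", "upnp", "telnet"]},
    {"name": "edge-router", "model": "router-r3", "ip": "10.20.0.1", "role": "router",
     "default_password": False, "firmware": "1.9.2", "services": ["dns", "upnp"], "firewall": False},
]
OBSERVED_ON_NETWORK = ["10.20.0.11", "10.20.0.1", "192.168.1.40", "10.20.0.77"]

def parse_version(text):
    return tuple(int(part) for part in text.split("."))

def audit_device(dev):
    # One finding per measure from the text that the device does not meet.
    findings = []
    if dev["default_password"]:
        findings.append("default password still set")
    if parse_version(dev["firmware"]) < LATEST_FIRMWARE[dev["model"]]:
        findings.append("firmware out of date")
    for svc in sorted(UNNEEDED_SERVICES & set(dev["services"])):
        findings.append(f"unnecessary service enabled: {svc}")
    if ipaddress.ip_address(dev["ip"]) not in IOT_SEGMENT:
        findings.append("outside the IoT network segment")
    if dev["role"] == "router" and not dev.get("firewall", False):
        findings.append("router has no built-in firewall enabled")
    return findings

def unmapped_hosts(observed, inventory):
    # "Map and monitor all the devices": anything seen but not inventoried is a finding.
    known = {dev["ip"] for dev in inventory}
    return sorted(ip for ip in observed if ip not in known)

def audit(inventory, observed):
    report = {dev["name"]: audit_device(dev) for dev in inventory}
    report["unmapped"] = unmapped_hosts(observed, inventory)
    return report

if __name__ == "__main__":
    for name, findings in audit(INVENTORY, OBSERVED_ON_NETWORK).items():
        print(name, "->", findings or "ok")
```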
IoT System Management
▪ Device Management: Ensure secure data transmission to facilitate fine interaction between devices and to guarantee the proper functioning of devices in an IoT system.
▪ User Management: Provide control over the users who have access to an IoT system. User management includes identifying users, setting user roles and access levels, controlling access, etc.
▪ Security Monitoring: To address security breaches at early stages and to prevent malicious attacks on an IoT system, perform activities such as logging and analyzing commands sent by control applications to things, monitoring and storing all the actions of users, identifying the patterns of malicious behavior, etc.

IoT system management involves the following.
▪ Device management
  Ensure secure data transmission to facilitate fine interaction between devices and to guarantee the proper functioning of devices in an IoT system.
  o Identify devices to ensure that each is a trusted device with genuine software transmitting reliable data.
  o Configure devices and control them as per the requirements of an IoT system. For example, provide IDs for devices.
  o Monitor and diagnose devices to ensure the smooth and secure functioning of IoT devices.
  o Update software and maintain it to add functionality, fix bugs, and address vulnerabilities.
▪ User management
  Provide control over the users who have access to an IoT system. User management includes the following:
  o Identify users.
  o Set user roles (owners, guests, etc.).
  o Set access levels for users.
  o Control the access of a few users to specific information.
  o Set user ownership.
  o Add and remove users.
  o Manage user settings.
  o Allow permissions to perform certain operations within an IoT system (for example, controlling and recording user activities).
▪ Security monitoring
  To address security breaches at early stages and to prevent malicious attacks on an IoT system, the following should be performed:
  o Log and analyze commands sent by control applications to things.
  o Monitor the actions of users.
  o Store all actions in the cloud.
  o Identify the patterns of malicious behavior.
  o Store samples of malicious activity and compare them with the logs generated by the IoT system to avoid attacks and their impact.
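The user management and security monitoring items above fit together: each logged command is checked against the sender's role, and the per-user command history is compared with stored samples of malicious activity. The following Python monitor is an added example, not part of the EC-Council courseware; the roles, users, command names, sample sequence and log entries are all constructed.

```python
# Constructed roles, access levels, samples and log entries: all names are illustrative.
ROLE_COMMANDS = {
    "owner": {"read_status", "lock", "unlock", "set_schedule", "update_firmware", "add_user"},
    "guest": {"read_status", "lock"},
}
USERS = {"alice": "owner", "bob": "guest"}

# Stored samples of malicious activity: ordered command sequences from past incidents.
MALICIOUS_SAMPLES = {"account-takeover": ["add_user", "update_firmware", "unlock"]}

COMMAND_LOG = [  # (timestamp, user, device, command) as sent by control applications
    (100, "alice", "door-1", "read_status"),
    (105, "bob", "door-1", "unlock"),
    (110, "mallory", "door-1", "read_status"),
    (120, "alice", "door-1", "add_user"),
    (121, "alice", "door-1", "set_schedule"),
    (122, "alice", "door-1", "update_firmware"),
    (125, "alice", "door-1", "unlock"),
]

def authorize(user, command):
    # Returns None when the command is within the user's access level, else a reason.
    role = USERS.get(user)
    if role is None:
        return "unknown user"
    if command not in ROLE_COMMANDS[role]:
        return f"{role} not permitted: {command}"
    return None

def contains_in_order(commands, sample):
    # True if `sample` occurs in `commands` in order, with other commands allowed between.
    remaining = iter(commands)
    return all(step in remaining for step in sample)

def monitor(log):
    alerts, history = [], {}
    for ts, user, device, cmd in sorted(log):
        reason = authorize(user, cmd)
        if reason:
            alerts.append((ts, user, device, reason))
        seen = history.setdefault((user, device), [])
        seen.append(cmd)
        # Compare the stored samples with this user's command history on the device.
        for name, sample in MALICIOUS_SAMPLES.items():
            if cmd == sample[-1] and contains_in_order(seen, sample):
                alerts.append((ts, user, device, f"matches sample: {name}"))
    return alerts

if __name__ == "__main__":
    for alert in monitor(COMMAND_LOG):
        print(alert)
```

The last alert fires even though every command in it is permitted for an owner, which is why pattern comparison is kept separate from the access-level check.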