Cisco Certified Internetwork Expert (CCIE) Practice Test

Which two design options are best to reduce security concerns when adopting IoT into an organization? (Choose two)

• A. Encrypt data at rest on all devices in the IoT network
• B. Implement video analytics on IP cameras
• C. Encrypt sensor data in transit
• D. Segment the Field Area Network from the Data Center network

The correct answer is: Encrypt sensor data in transit

Encrypting sensor data in transit is a crucial design option for reducing security concerns associated with IoT adoption. This practice ensures that any data transmitted from IoT devices to the cloud or other destinations is protected from eavesdropping and tampering during its journey. As IoT devices often communicate over wireless networks that can be susceptible to interception, encryption provides a critical layer of security, making it significantly more difficult for unauthorized entities to access or manipulate the data being transmitted. This is especially important when dealing with sensitive information that could impact both organizational operations and user privacy. In addition to this, segmenting the Field Area Network from the Data Center network is another effective approach. This method involves creating distinct network segments for IoT devices, thereby isolating them from the central data and systems in the Data Center. By applying network segmentation, organizations can contain potential security threats, limiting the impact of any breaches that could occur within the IoT environment. Segmentation helps in implementing tailored security policies and controls for different parts of the network, improving overall resilience against attacks and ensuring that critical data remains protected. Implementing these strategies collectively enhances the overall security posture when integrating IoT technologies into an organization, addressing vulnerabilities and ensuring that data integrity and confidentiality are maintained.