ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization has deployed several hundred smart HVAC controllers on a dedicated IoT VLAN. The security team must be alerted if any controller suddenly begins sending data to unfamiliar Internet hosts or using non-standard protocols, but they have limited budget and want to reuse existing security tooling. Which approach BEST enables continuous monitoring of the controllers' network behavior?
Apply switch port security to limit each access port to a single permitted MAC address.
Enable flow monitoring (e.g., NetFlow/IPFIX) on the IoT VLAN and have the SIEM alert on deviations from the established traffic baseline.
Schedule nightly credentialed vulnerability scans against the controllers and review the reports each morning.
Require all HVAC controllers to authenticate to the Wi-Fi network using WPA3-Enterprise.
Exporting flow data (for example, NetFlow or IPFIX) from the IoT VLAN to the organization's SIEM allows security staff to build a baseline of normal destination addresses, ports, and volumes for every controller. The SIEM can then trigger alerts when traffic deviates from that baseline, providing continuous, behavior-based monitoring without purchasing new appliance licenses.
WPA3-Enterprise strengthens Wi-Fi authentication but does not watch for anomalous traffic once a device is connected. Port security limits the number of MAC addresses per switch port and helps keep rogue devices off the network, yet it does not analyze legitimate devices' communications. Scheduled vulnerability scans identify missing patches or weak configurations but occur periodically and therefore cannot provide real-time detection of abnormal outbound connections.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is NetFlow/IPFIX and how does it help in monitoring network traffic?
Open an interactive chat with Bash
Why is using a SIEM better for detecting traffic anomalies than scheduled vulnerability scans?
Open an interactive chat with Bash
How does building a traffic baseline benefit IoT security monitoring?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .