ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization is deploying hundreds of IoT temperature sensors on an outdoor perimeter fence to monitor critical equipment. Although the sensors will use TLS for data-in-transit encryption and 802.1X for network admission, they will remain physically reachable by the public. Management asks which additional safeguard will MOST effectively reduce the risk of attackers tampering with, removing, or replacing a sensor in the field. Which option should you recommend?
Place all sensors on a dedicated VLAN protected by restrictive access-control lists.
Install every sensor inside a hardened, weather-proof enclosure equipped with locks and tamper-evident seals.
Require 802.1X port authentication so a sensor cannot join the network without valid credentials.
Enforce mutual TLS with X.509 certificates for all sensor communications to the cloud endpoint.
Physical security controls are the first line of defense for IoT devices installed in uncontrolled or public areas. Housing each sensor in a lockable, weather-resistant enclosure fitted with tamper-evident seals makes unauthorized physical access far more difficult and provides clear indication if a device has been opened or replaced. Network-layer measures such as 802.1X, VLANs, or TLS protect communications and logical access but do not stop an attacker from physically removing or altering the hardware. Cryptographically signed firmware helps ensure code integrity after installation but does not prevent the initial physical compromise. Therefore, robust physical protection of the device itself is the most effective control against physical tampering.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
ELI5: What is TLS for data-in-transit encryption?
Open an interactive chat with Bash
What are tamper-evident seals, and how do they enhance physical security?
Open an interactive chat with Bash
Why does physical protection matter for IoT devices in public areas?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .