ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization plans to deploy 5,000 smart temperature sensors across manufacturing plants. Each sensor ships with username admin and password admin. Security policy mandates that default credentials must never be active in production. Which control BEST satisfies this requirement while minimizing hands-on configuration effort in the field?
Enable the vendor's zero-touch provisioning to generate a unique X.509 certificate for every sensor at first boot and automatically disable the factory credentials.
Place every sensor in a dedicated, WPA2-Enterprise-protected VLAN so the default credentials cannot be reached from other network segments.
Retain the factory credentials but configure strong, unique SNMPv3 authentication strings for management traffic.
Apply a network ACL that blocks all outbound traffic from each sensor until an installer manually changes the default password.
Zero-touch provisioning that injects a device-unique X.509 certificate and simultaneously disables the factory login removes the default username/password before the sensor becomes operational, eliminating a well-known IoT weakness identified by both NIST and OWASP. An ACL that blocks traffic until someone changes the password still relies on manual action and leaves the default credential present in the meantime. VLAN or WPA2-Enterprise isolation reduces exposure but does not eliminate the credential, so it still violates the policy. Switching to strong SNMPv3 authentication strings does nothing to mitigate the unchanged admin/admin account, so the risk remains.
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security