Given a scenario where a penetration tester finds an IoT device running with default configurations that were hard-coded by the manufacturer, which of the following actions would be the BEST to perform in order to demonstrate the potential impact of this vulnerability?
Perform a factory reset to see if the hard-coded configurations are removed
Analyze the network traffic to and from the device for hard-coded values
Attempt to access the device using the default credentials
Expose the device to varying levels of electromagnetic interference to test for defaults