Given a scenario where a penetration tester finds an IoT device running with default configurations that were hard-coded by the manufacturer, which of the following actions would be the BEST to perform in order to demonstrate the potential impact of this vulnerability?
Expose the device to varying levels of electromagnetic interference to test for defaults
Perform a factory reset to see if the hard-coded configurations are removed
Attempt to access the device using the default credentials
Analyze the network traffic to and from the device for hard-coded values