Hardening Steps for a Smart Switch in a Hospital Network | SY0-601 Exam

Harden a Smart Switch in a Hospital Network

Prev Question Next Question

Question

A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of power surge of power surge or other fault situation.

The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application.

The security administrator isolated the switch on a separate VLAN and set up a patching routine.

Which of the following steps should also be taken to harden the smart switch?

A.

Set up an air gap for the switch. B.

Change the default password for the switch. C.

Place the switch in a Faraday cage. D.

Install a cable lock on the switch.

B.

Explanations

A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of power surge of power surge or other fault situation.

The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application.

The security administrator isolated the switch on a separate VLAN and set up a patching routine.

Which of the following steps should also be taken to harden the smart switch?

A.

Set up an air gap for the switch.

B.

Change the default password for the switch.

C.

Place the switch in a Faraday cage.

D.

Install a cable lock on the switch.

B.

Option B, "Change the default password for the switch" is the correct answer.

Explanation: A smart switch is a network switch that has additional capabilities beyond simply transmitting data packets. Smart switches are often used in enterprises or data centers to manage network traffic and provide network security features.

In this scenario, the smart switch is used to monitor electrical levels and shut off power in case of a fault. The switch is installed on a wired network in a hospital and monitored by the facilities department via a cloud application.

To harden the smart switch, the security administrator has already taken two steps:

  1. Isolated the switch on a separate VLAN: A VLAN (Virtual Local Area Network) is a logical grouping of devices on a network. By isolating the switch on a separate VLAN, the security administrator has ensured that any potential security breaches on the switch are contained and do not affect other devices on the network.

  2. Set up a patching routine: A patching routine ensures that the smart switch's firmware is up to date with the latest security patches and bug fixes.

However, to further harden the smart switch, the security administrator should also take the following step:

B. Change the default password for the switch: Smart switches, like any other network device, come with default usernames and passwords. These default credentials are often publicly known and can be exploited by attackers. Changing the default password for the switch is a basic security measure that can prevent unauthorized access to the switch.

The other options, such as setting up an air gap for the switch, placing the switch in a Faraday cage, or installing a cable lock on the switch, may provide physical security for the device, but they do not directly address the security of the switch's network configuration. Thus, they are not relevant in this scenario.