ITEC 100- WEEK 6

refers to the

network of interconnected physical devices

embedded with sensors, software, and

connectivity that allow them to collect and

exchange data.

Internet of Things (IoT)

refers to protecting IoT

devices and networks from cyber

threats, unauthorized access, and data

breaches.

IoT security

Appliances, security cameras, smart doorbells, and

voice assistants often have weak security, making

them vulnerable to cyberattacks.

Smart Home Devices

Cybercriminals may target IoT healthcare devices like

pacemakers, insulin pumps, and patient monitors to

disrupt services or steal sensitive health information.

Medical Equipment

IoT systems in manufacturing and critical

infrastructure are susceptible to attacks, leading to

operational failures, production delays, or physical

damage.

Industrial Control Systems (ICS)

Modern vehicles use IoT for navigation, safety, and

diagnostics. Without proper security, hackers could

gain control, posing serious safety risks.

Connected Vehicles

Smartwatches, fitness trackers, and other IoT-enabled

wearables collect personal health data that can be

intercepted or misused by cybercriminals.

Wearable Technology

Use end-to-end encryption and Public

Key Infrastructure (PKI) to protect data

and ensure secure device

authentication.

Encryption and Secure Communication

Implement Multi-Factor Authentication

(MFA), use strong passwords, and apply

role-based access controls.

Strong Authentication and Access Controls

Isolate IoT devices, deploy firewalls, and

monitor traffic to block malicious activities.

Network Segmentation and Firewall

Regular Updates and Patch Management

Keep devices updated with security

patches and enable automatic firmware

updates.

Use endpoint protection tools and monitor

IoT traffic to detect and respond to threats in

real time.

Endpoint Protection and Monitoring

is an automated process that

identifies security weaknesses in computers, networks,

and communication systems. It is by scanning IP

addresses for known vulnerabilities and

misconfigurations. It helps detect potential threats

that cybercriminals could exploit.

vulnerability scan

These identify vulnerabilities in

your external security perimeter without requiring login

credentials.

Unauthenticated Scans:

Using privileged access, these scans

detect weaknesses within your internal networks.

Authenticated Scans:

Identify weaknesses in network devices like routers,

firewalls, and switches by checking for open ports, weak passwords,

and outdated firmware.

Network Scans

Detect vulnerabilities in web applications,

including SQL injection, cross-site scripting (XSS), and insecure

authentication.

Web Application Scans:

Assess servers or workstations for missing

patches, misconfigurations, and outdated software.

Host-Based Scans:

Spot security issues in database systems, such as

weak encryption, insecure settings, and unpatched vulnerabilities.

Database Scans:

This automated process is quicker and more

affordable, allowing frequent scans to detect

newly discovered vulnerabilities.

Vulnerability Scanning

Conducted manually by experts, it simulates

real-world attacks. Though it takes more time

and is costlier, it offers a detailed and accurate

evaluation of security risks.

Penetration Testing