CEH v13 emphasizes that IoT and smart city environments are highly sensitive and safety-critical. When an IoT device shows anomalous outbound traffic and unauthorized open ports, this strongly indicates device compromise.
The correct immediate response is to isolate the affected device to prevent lateral movement and protect public safety. CEH v13 further stresses the importance of firmware analysis, as IoT malware often resides at the firmware level to maintain persistence.
Attempting reverse connections (Option A) is risky and may violate operational safety. Firewall changes alone (Option C) do not address an already compromised device. A full penetration test (Option D) is appropriate later but not as an immediate containment step.
Therefore, Option B aligns with CEH v13 incident handling best practices for IoT and OT environments.