
Answer-first summary for fast verification
Answer: threat monitoring, passive traffic monitoring
Based on the MCRA, the two security methodologies to recommend for applying Zero Trust principles to OT and IoT devices while minimizing the risk of disrupting business operations are threat monitoring and passive traffic monitoring. Threat monitoring is the continuous monitoring and analysis of network traffic, system logs, and other data sources to detect and respond to potential security threats. Passive traffic monitoring observes network traffic without actively sending packets or generating traffic, which minimizes disruption to business operations. According to the MCRA, software patching (option C) is not practical or fully effective in an OT environment, and active scanning (option A) could disrupt business operations.
Author: LeetQuiz Editorial Team
You are responsible for evaluating the security of legacy operational technology (OT) devices and Internet of Things (IoT) devices within your organization. To enhance the security posture of these devices, you need to implement Zero Trust principles according to the guidelines provided by the Microsoft Cybersecurity Reference Architectures (MCRA). Your objective is to ensure that the implementation of these security practices does not interfere with the ongoing business operations. What are two security methodologies you should incorporate into your strategy? Each correct choice constitutes part of the overall solution. NOTE: Each correct selection is worth one point.
A. active scanning
B. threat monitoring
C. software patching
D. passive traffic monitoring