Hardware Vulnerabilities 2.3

Question 1

[…] devices typically do not have an accessible operating system, but still pose a potential security risk because they are connected to your network

Answer 1

IoT

Question 2

The software / OS inside of hardware that controls it is called […]

Answer 2

Firmware

Question 3

The only entity that can update firmware for hardware is […], assuming they are aware of it and care about fixing it

Answer 3

The vendor

Question 4

[…] is when the manufacturer of a product stops selling a product

Answer 4

End of Life (EOL)

Question 5

[…] is when a manufacturer stops selling a product and also stops supporting it

Answer 5

End of Service Life (EOSL)

Question 6

Regarding […] hardware / software, you should compare the risk of continuing using the device VS the security concerns of keeping it in your network

Answer 6

Legacy

Question 7

If legacy devices are critical and cannot be replaced, you can make it safer by
-[…]
-[…]

Answer 7

• Adding additional firewall rules that limits who can connect to it
• Adding IPS signatures for older operating systems