試験312-50v13-JPN トピック1 問題77 スレッド

The correct answer is A. Insecure Ecosystem Interfaces.
The weakness involves externally reachable components that interact with management platforms and expose administrative configuration functions. These components also suffer from insufficient input validation and weak authentication controls. This aligns with Insecure Ecosystem Interfaces, which covers insecure web, cloud, mobile, API, and backend interfaces that form part of the IoT device ecosystem.
CEH-aligned IoT material identifies vulnerable interfaces as a major IoT challenge and lists OWASP IoT categories including insecure web, cloud, and mobile interfaces, insufficient authentication/authorization, and insecure network services . It also explains that insecure cloud and mobile interfaces are associated with weak credentials, account enumeration, and poor interface protection . In the newer OWASP IoT wording, these interface weaknesses are commonly grouped under Insecure Ecosystem Interfaces.
Option B. Insecure Default Settings is incorrect because the scenario does not focus on default passwords, default configurations, unnecessary enabled services, or insecure factory settings.
Option C. Insecure Network Services is incorrect because that category focuses on vulnerable network services exposed by the device, such as services susceptible to buffer overflow or denial-of-service conditions. The scenario emphasizes external ecosystem components and management interfaces.
Option D. Lack of Device Management is incorrect because the scenario does not describe missing inventory, missing update management, missing decommissioning, or inability to monitor device lifecycle.
Therefore, the best answer is A. Insecure Ecosystem Interfaces.