Which practice will not aid in eradicating IoT-based security incidents?

The practice of retaining the registry files of malware on the device firmware does not contribute to eradicating IoT-based security incidents. In fact, keeping such files can be detrimental as it allows the malware to persist and potentially re-establish itself after any remediation attempts. Effective incident response aims to eliminate all traces of malware to ensure that the system is clean and secure for future use.

On the other hand, removing malware from devices is crucial as it directly addresses and eliminates the threat. Conducting thorough forensics on the affected devices is also vital for understanding the scope of the incident, identifying vulnerabilities, and gathering evidence for further action. Rebooting affected IoT devices may help in some cases by resetting temporary states but does not remove malware from the system.

The key takeaway is that retaining malware registry files contradicts the fundamental goal of incident response – complete eradication of threats, making it clear why this practice would not aid in resolving IoT security incidents.