Winter Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Certensure Logo
  1. Home
  2. CertNexus
  3. Certified IoT Security Practitioner
  4. ITS-110 - Certified Internet of Things Security Practitioner (CIoTSP)

CertNexus ITS-110 Certified Internet of Things Security Practitioner (CIoTSP) Exam Practice Test

Demo: 30 questions
Total 100 questions
Get ITS-110 Full Access Download ITS-110 PDF

Certified Internet of Things Security Practitioner (CIoTSP) Questions and Answers

Question 1

A hacker is able to extract users' names, birth dates, height, and weight from an IoT manufacturer's user portal. Which of the following types of data has been compromised?

Options:

A.

Protected health information

B.

Personal health information

C.

Personal identity information

D.

Personally identifiable information

Question 2

An IoT systems administrator needs to be able to detect packet injection attacks. Which of the follow methods or technologies is the administrator most likely to implement?

Options:

A.

Internet Protocol Security (IPSec) with Encapsulating Security Payload (ESP)

B.

Point-to-Point Tunneling Protocol (PPTP)

C.

Layer 2 Tunneling Protocol (L2TP)

D.

Internet Protocol Security (IPSec) with Authentication Headers (AH)

Question 3

An IoT security administrator is concerned about an external attacker using the internal device management local area network (LAN) to compromise his IoT devices. Which of the following countermeasures should the security administrator implement? (Choose three.)

Options:

A.

Require the use of Password Authentication Protocol (PAP)

B.

Create a separate management virtual LAN (VLAN)

C.

Ensure that all IoT management servers are running antivirus software

D.

Implement 802.1X for authentication

E.

Ensure that the Time To Live (TTL) flag for outgoing packets is set to 1

F.

Only allow outbound traffic from the management LAN

G.

Ensure that all administrators access the management server at specific times

Question 4

An IoT security administrator wants to encrypt the database used to store sensitive IoT device data. Which of the following algorithms should he choose?

Options:

A.

Triple Data Encryption Standard (3DES)

B.

ElGamal

C.

Rivest-Shamir-Adleman (RSA)

D.

Secure Hash Algorithm 3-512 (SHA3-512)

Question 5

A corporation's IoT security administrator has configured his IoT endpoints to send their data directly to a database using Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Which entity provides the symmetric key used to secure the data in transit?

Options:

A.

The administrator's machine

B.

The database server

C.

The Key Distribution Center (KDC)

D.

The IoT endpoint

Question 6

A security practitioner wants to encrypt a large datastore. Which of the following is the BEST choice to implement?

Options:

A.

Asymmetric encryption standards

B.

Symmetric encryption standards

C.

Elliptic curve cryptography (ECC)

D.

Diffie-Hellman (DH) algorithm

Question 7

A hacker is sniffing network traffic with plans to intercept user credentials and then use them to log into remote websites. Which of the following attacks could the hacker be attempting? (Choose two.)

Options:

A.

Masquerading

B.

Brute force

C.

Directory traversal

D.

Session replay

E.

Spear phishing

Question 8

A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?

Options:

A.

Bootloader code is stored in unsecure flash memory

B.

The portal's certificate is stored in unsecure flash memory

C.

X.509 private keys are stored in unsecure flash memory

D.

Firmware is loaded from flash using unsecure object references

Question 9

Which of the following methods or technologies is most likely to be used in order to mitigate brute force attacks?

Options:

A.

Account lockout policy

B.

Automated security logging

C.

Role-based access control

D.

Secure password recovery

Question 10

An IoT manufacturer needs to ensure that firmware flaws can be addressed even after their devices have been deployed. Which of the following methods should the manufacturer use to meet this requirement?

Options:

A.

Ensure that the bootloader can be accessed remotely using Secure Shell (SSH)

B.

Ensure that a writable copy of the device's configuration is stored in flash memory

C.

Ensure that device can accept Over-the-Air (OTA) firmware updates

D.

Ensure that ail firmware is signed using digital certificates prior to deployment

Question 11

Which of the following methods or technologies is most likely to be used to protect an IoT portal against protocol fuzzing?

Options:

A.

Secure Hypertext Transfer Protocol (HTTPS)

B.

Public Key Infrastructure (PKI)

C.

Next-Generation Firewall (NGFW)

D.

Hash-based Message Authentication Code (HMAC)

Question 12

A hacker wants to record a live session between a user and a host in hopes that parts of the datastream can be used to spoof the session. Which of the following attacks is this person attempting?

Options:

A.

Fuzzing

B.

Session replay

C.

Bit flipping

D.

Reverse shell

Question 13

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

Options:

A.

Network firewall

B.

Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation

C.

Web application firewall (WAF)

D.

Deep Packet Inspection (DPI)

Question 14

An IoT developer needs to ensure that user passwords for a smartphone app are stored securely. Which of the following methods should the developer use to meet this requirement?

Options:

A.

Encrypt all stored passwords using 256-bit Advanced Encryption Standard (AES-256)

B.

Encrypt all stored passwords using 128-bit Twofish

C.

Hash all passwords using Message Digest 5 (MD5)

D.

Store all passwords in read-only memory

Question 15

A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?

Options:

A.

Secure Shell (SSH)

B.

Internet Protocol Security (IPSec)

C.

Telnet

D.

Virtual private network (VPN)

Question 16

A software developer for an IoT device company is creating software to enhance the capabilities of his company's security cameras. He wants the end users to be confidentthat the software they are downloading from his company's support site is legitimate. Which of the following tools or techniques should he utilize?

Options:

A.

Data validation

B.

Interrupt analyzer

C.

Digital certificate

D.

Pseudocode

Question 17

An IoT system administrator discovers that end users are able to access administrative features on the company's IoT management portal. Which of the following actions should the administrator take to address this issue?

Options:

A.

Implement password complexity policies

B.

Implement granular role-based access

C.

Implement account lockout policies

D.

Implement digitally signed firmware updates

Question 18

In order to gain access to a user dashboard via an online portal, an end user must provide their username, a PIN, and a software token code. This process is known as:

Options:

A.

Type 1 authentication

B.

Type 2 authentication

C.

Two-factor authentication

D.

Biometric authentication

Question 19

An IoT integrator wants to deploy an IoT gateway at the Edge and have it connect to the cloud via API. In order to minimize risk, which of the following actions should the integrator take before integration?

Options:

A.

Write down the default login and password

B.

Remove all logins and passwords that may exist

C.

Create new credentials using a strong password

D.

Reset the IoT gateway to factory defaults

Question 20

Which of the following attacks is a reflected Distributed Denial of Service (DDoS) attack?

Options:

A.

Teardrop

B.

Ping of Death

C.

SYN flood

D.

Smurf

Question 21

An IoT security architect needs to minimize the security risk of a radio frequency (RF) mesh application. Which of the following might the architect consider as part of the design?

Options:

A.

Make pairing between nodes very easy so that troubleshooting is reduced.

B.

Encrypt data transmission between nodes at the physical/logical layers.

C.

Prevent nodes from being rejected to keep the value of the network as high as possible.

D.

Allow implicit trust of all gateways since they are the link to the internet.

Question 22

Which of the following attacks would most likely be used to discover users, printers, and other objects within a network?

Options:

A.

Distributed Denial of Service (DDoS)

B.

SYN flood

C.

LDAP Injection

D.

Denial of Service (DoS)

Question 23

A cloud developer for an IoT service is storing billing information. Which of the following should be considered a common vulnerability in regard to this data that could be used to compromise privacy?

Options:

A.

Enabled notifications as required by law

B.

Lack of data retention policies

C.

Authorized access to personal information

D.

Secured data in motion and at rest

Question 24

An IoT software developer wants the users of her software tools to know if they have been modified by someone other than her. Which of the following tools or techniques should she use?

Options:

A.

Encryption

B.

Obfuscation

C.

Hashing

D.

Fuzzing

Question 25

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

Options:

A.

Disassembler

B.

Backdoor

C.

Debugger

D.

Stack pointer

Question 26

An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product. Since bugs could be found after deployment, which of the following should be part of the overall solution?

Options:

A.

A money back guarantee, no questions asked

B.

Over-the-Air (OTA) software updates

C.

A lifetime transferable warranty

D.

Free firmware updates if the product is sent back to the manufacturer

Question 27

An IoT system administrator discovers that unauthorized users are able to log onto and access data on remote IoT monitoring devices. What should the system administrator do on the remote devices in order to address this issue?

Options:

A.

Encrypt all locally stored data

B.

Ensure all firmware updates have been applied

C.

Change default passwords

D.

Implement URL filtering

Question 28

Accompany collects and stores sensitive data from thousands of IoT devices. The company's IoT security administrator is concerned about attacks that compromise confidentiality. Which of the following attacks is the security administrator concerned about? (Choose two.)

Options:

A.

Salami

B.

Aggregation

C.

Data diddling

D.

Denial of Service (DoS)

E.

Inference

Question 29

An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?

Options:

A.

Secure Hypertext Transmission Protocol (HTTPS)

B.

Internet Protocol Security (IPSec)

C.

Triple Data Encryption Standard (3DES)

D.

Message Digest 5 (MD5)

Question 30

Which of the following policies provides the BEST protection against identity theft when data stored on an IoT portal has been compromised?

Options:

A.

Data retention polices

B.

Data categorization policies

C.

Data anonymization policies

D.

Data disposal policies

Load More ITS-110 Questions
Demo: 30 questions
Total 100 questions
Get ITS-110 Full Access Download ITS-110 PDF