
Certified Internet of Things Security Practitioner (CIoTSP) Question and Answers

Certified Internet of Things Security Practitioner (CIoTSP)

Last Update May 2, 2024
Total Questions: 100

Question 1

An IoT software developer wants the users of her software tools to know if they have been modified by someone other than her. Which of the following tools or techniques should she use?

Options:

A. Encryption
B. Obfuscation
C. Hashing
D. Fuzzing
Question 2

Recently, you purchased a smart watch from Company A. You receive a notification on your watch that you missed a call and have a new message. Upon checking the message, you hear the following:

"Hello, my name is Julie Simmons, and I'm with Company A. I want to thank you for your recent purchase and send you a small token of our appreciation. Please call me back at 888-555-1234. You will need to enter your credit card number, so we can authenticate you and ship your gift. Thanks for being a valued customer and enjoy your gift!"

Which of the following types of attacks could this be?

Options:

A. Phishing
B. Spear phishing
C. Whaling
D. Vishing
Question 3

An IoT security administrator is determining which cryptographic algorithm she should use to sign her server's digital certificates. Which of the following algorithms should she choose?

Options:

A. Rivest Cipher 6 (RC6)
B. Rijndael
C. Diffie-Hellman (DH)
D. Rivest-Shamir-Adleman (RSA)
Question 4

A web administrator is concerned about injection attacks. Which of the following mitigation techniques should the web administrator implement?

Options:

A. Configure single sign-on (SSO)
B. Parameter validation
C. Require strong passwords
D. Require two-factor authentication (2FA)
Question 5

An IoT integrator wants to deploy an IoT gateway at the edge and have it connect to the cloud via API. In order to minimize risk, which of the following actions should the integrator take before integration?

Options:

A. Write down the default login and password
B. Remove all logins and passwords that may exist
C. Create new credentials using a strong password
D. Reset the IoT gateway to factory defaults
Question 6

An IoT systems integrator has a very old IoT gateway that doesn't offer many security features besides viewing a system configuration page via browser over HTTPS. The systems integrator can't get their modern browser to bring up the page due to a cipher suite mismatch. Which of the following must the integrator perform before the configuration page can be viewed?

Options:

A. Upgrade the browser, as modern browsers have stopped allowing connections to hosts that use only outdated cipher suites.
B. Downgrade the browser, as modern browsers have stopped allowing connections to hosts that use only outdated cipher suites.
C. Upgrade the browser, as older browsers have stopped allowing connections to hosts that use only outdated cipher suites.
D. Downgrade the browser, as modern browsers have continued allowing connections to hosts that use only outdated cipher suites.
Question 7

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

Options:

A. Network firewall
B. Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation
C. Web application firewall (WAF)
D. Deep Packet Inspection (DPI)
Question 8

An IoT systems administrator needs to be able to detect packet injection attacks. Which of the following methods or technologies is the administrator most likely to implement?

Options:

A. Internet Protocol Security (IPSec) with Encapsulating Security Payload (ESP)
B. Point-to-Point Tunneling Protocol (PPTP)
C. Layer 2 Tunneling Protocol (L2TP)
D. Internet Protocol Security (IPSec) with Authentication Headers (AH)
Question 9

Which of the following technologies allows for encryption of networking communications without requiring any configuration on IoT endpoints?

Options:

A. Transport Layer Security (TLS)
B. Internet Protocol Security (IPSec)
C. Virtual private network (VPN)
D. Elliptic curve cryptography (ECC)
Question 10

An IoT developer wants to ensure that data collected from a remotely deployed power station monitoring system is transferred securely to the cloud. Which of the following technologies should the developer consider?

Options:

A. Secure/Multipurpose Internet Mail Extensions (S/MIME)
B. Message-Digest 5 (MD5)
C. Blowfish
D. Transport Layer Security (TLS)
Question 11

An IoT developer has endpoints that are shipped to users in the field. Which of the following best practices must be implemented for using default passwords after delivery?

Options:

A. Implement two-factor authentication (2FA)
B. Force a password change upon initial login
C. Apply granular role-based access
D. Protect against account enumeration
Question 12

A site administrator is not enforcing strong passwords or password complexity. To which of the following types of attacks is this system probably MOST vulnerable?

Options:

A. Key logger attack
B. Dictionary attack
C. Collision attack
D. Phishing attack
Question 13

An IoT security architect wants to implement Bluetooth between two nodes. The Elliptic Curve Diffie-Hellman (ECDH) cipher suite has been identified as a requirement. Which of the following Bluetooth versions can meet this requirement?

Options:

A. Bluetooth Low Energy (BLE) v4.0
B. BLE v4.2
C. BLE v4.1
D. Any of the BLE versions
Question 14

An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the following methods or technologies can the administrator implement in order to address this concern?

Options:

A. Enable account lockout
B. Enable account database encryption
C. Require frequent password changes
D. Require complex passwords
Question 15

A hacker wants to record a live session between a user and a host in hopes that parts of the datastream can be used to spoof the session. Which of the following attacks is this person attempting?

Options:

A. Fuzzing
B. Session replay
C. Bit flipping
D. Reverse shell
Question 16

An OT security practitioner wants to implement two-factor authentication (2FA). Which of the following is the least secure method to use for implementation?

Options:

A. Out-of-band authentication (OOBA)
B. 2FA over Short Message Service (SMS)
C. Authenticator apps for smartphones
D. Fast Identity Online (FIDO) Universal 2nd Factor (U2F) USB key
Question 17

Passwords should be stored...

Options:

A. For no more than 30 days.
B. Only in cleartext.
C. As a hash value.
D. Inside a digital certificate.
Question 18

A developer needs to apply a family of protocols to mediate network access. Authentication and authorization have been implemented properly. Which of the following is the missing component?

Options:

A. Management
B. Accounting
C. Auditing
D. Inventory
Question 19

An IoT manufacturer discovers that hackers have injected malware into their devices' firmware updates. Which of the following methods could the manufacturer use to mitigate this risk?

Options:

A. Ensure that all firmware updates are signed with a trusted certificate
B. Ensure that all firmware updates are stored using 256-bit encryption
C. Ensure that firmware updates can only be installed by trusted administrators
D. Ensure that firmware updates are delivered using Internet Protocol Security (IPSec)
Question 20

An IoT system administrator discovers that hackers are using rainbow tables to compromise user accounts on their cloud management portal. What should the administrator do in order to mitigate this risk?

Options:

A. Implement robust password policies
B. Implement certificates on all login pages
C. Implement granular role-based access
D. Implement URL filtering
Question 21

A developer needs to implement a highly secure authentication method for an IoT web portal. Which of the following authentication methods offers the highest level of identity assurance for end users?

Options:

A. A hardware-based token generation device
B. An X.509 certificate stored on a smart card
C. Two-step authentication with complex passwords
D. Multi-factor authentication with three factors
Question 22

Web forms that contain unvalidated fields are vulnerable to which of the following attacks? (Choose two.)

Options:

A. Smurf
B. Ping of death
C. Cross-Site Scripting (XSS)
D. Man-in-the-middle (MITM)
E. SQL Injection (SQLi)
Question 23

If an attacker were able to gain access to a user's machine on your network, which of the following actions would she most likely take next?

Options:

A. Start log scrubbing
B. Escalate privileges
C. Perform port scanning
D. Initiate reconnaissance
Question 24

A security practitioner wants to encrypt a large datastore. Which of the following is the BEST choice to implement?

Options:

A. Asymmetric encryption standards
B. Symmetric encryption standards
C. Elliptic curve cryptography (ECC)
D. Diffie-Hellman (DH) algorithm
Question 25

What is one popular network protocol that is usually enabled by default on home routers and that creates a large attack surface?

Options:

A. Open virtual private network (VPN)
B. Universal Plug and Play (UPnP)
C. Network Address Translation (NAT)
D. Domain Name System Security Extensions (DNSSEC)
Question 26

Which of the following attacks relies on the trust that a website has for a user's browser?

Options:

A. Phishing
B. SQL Injection (SQLi)
C. Cross-Site Scripting (XSS)
D. Cross-Site Request Forgery (CSRF)
Question 27

An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A security practitioner has the data encrypted while stored on the gateway and encrypted while transmitted across the network. Should this person be concerned with privacy while the data is in use?

Options:

A. Yes, because the hash wouldn't protect the integrity of the data.
B. Yes, because the data is vulnerable during processing.
C. No, since the data is already encrypted while at rest and while in motion.
D. No, because the data is inside the CPU's secure region while being used.
Question 28

An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?

Options:

A. Secure Hypertext Transmission Protocol (HTTPS)
B. Internet Protocol Security (IPSec)
C. Triple Data Encryption Standard (3DES)
D. Message Digest 5 (MD5)
Question 29

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

Options:

A. Gramm-Leach-Bliley Act (GLBA)
B. Payment Card Industry Data Security Standard (PCI-DSS)
C. Federal Information Security Management Act (FISMA)
D. Sarbanes-Oxley (SOX)
E. Health Insurance Portability and Accountability Act (HIPAA)
F. Family Educational Rights and Privacy Act (FERPA)
G. Federal Energy Regulatory Commission (FERC)
Question 30

Which of the following functions can be added to the authorization component of AAA to enable the principle of least privilege with flexibility?

Options:

A. Discretionary access control (DAC)
B. Role-based access control (RBAC)
C. Mandatory access control (MAC)
D. Access control list (ACL)