Labour Day Sale Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 713PS592

  1. Home
  2. CertNexus
  3. Certified IoT Security Practitioner
  4. ITS-110
  5. Certified Internet of Things Security Practitioner (CIoTSP) Questions and Answers

ITS-110 Certified Internet of Things Security Practitioner (CIoTSP) Questions and Answers

Questions 4

Which of the following attacks is a reflected Distributed Denial of Service (DDoS) attack?

Options:

A.

Teardrop

B.

Ping of Death

C.

SYN flood

D.

Smurf

Buy Now
Questions 5

In order to successfully perform a man-in-the-middle (MITM) attack against a secure website, which of the following could be true?

Options:

A.

Client to server traffic must use Hypertext Transmission Protocol (HTTP)

B.

The server must be vulnerable to malformed Uniform Resource Locator (URL) injection

C.

The server must be using a deprecated version of Transport Layer Security (TLS)

D.

The web server's X.509 certificate must be compromised

Buy Now
Questions 6

Which of the following attacks utilizes Media Access Control (MAC) address spoofing?

Options:

A.

Network Address Translation (NAT)

B.

Man-in-the-middle (MITM)

C.

Network device fuzzing

D.

Unsecured network ports

Buy Now
Questions 7

A web administrator is concerned about injection attacks. Which of the following mitigation techniques should the web administrator implement?

Options:

A.

Configure single sign-on (SSO)

B.

Parameter validation

C.

Require strong passwords

D.

Require two-factor authentication (2FA)

Buy Now
Questions 8

A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?

Options:

A.

Bootloader code is stored in unsecure flash memory

B.

The portal's certificate is stored in unsecure flash memory

C.

X.509 private keys are stored in unsecure flash memory

D.

Firmware is loaded from flash using unsecure object references

Buy Now
Questions 9

An IoT systems integrator has a very old IoT gateway that doesn't offer many security features besides viewing a system configuration page via browser over HTTPS. The systems integrator can't get their modern browser to bring up the page due to a cipher suite mismatch. Which of the following must the integrator perform before the configuration page can be viewed?

Options:

A.

Upgrade the browser, as modern browsers have stopped allowing connections to hosts that use only outdated cipher suites.

B.

Downgrade the browser, as modern browsers have stopped allowing connections to hosts that use only outdated cipher suites.

C.

Upgrade the browser, as older browsers have stopped allowing connections to hosts that use only outdated cipher suites.

D.

Downgrade the browser, as modern browsers have continued allowing connections to hosts that use only outdated cipher suites.

Buy Now
Questions 10

An IoT service collects massive amounts of data and the developer is encrypting the data, forcing administrative users to authenticate and be authorized. The data is being disposed of properly and on a timely basis. However, which of the following countermeasures is the developer most likely overlooking?

Options:

A.

That private data can never be fully destroyed.

B.

The best practice to only collect critical data and nothing more.

C.

That data isn't valuable unless it's used as evidence for crime committed.

D.

That data is only valuable as perceived by the beholder.

Buy Now
Questions 11

A hacker wants to record a live session between a user and a host in hopes that parts of the datastream can be used to spoof the session. Which of the following attacks is this person attempting?

Options:

A.

Fuzzing

B.

Session replay

C.

Bit flipping

D.

Reverse shell

Buy Now
Questions 12

An IoT developer wants to ensure all sensor to portal communications are as secure as possible and do not require any client-side configuration. Which of the following is the developer most likely to use?

Options:

A.

Virtual Private Networking (VPN)

B.

Public Key Infrastructure (PKI)

C.

IP Security (IPSec)

D.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

Buy Now
Questions 13

Requiring randomly generated tokens for each connection from an IoT device to the cloud can help mitigate which of the following types of attacks?

Options:

A.

Malformed URL injection

B.

Buffer overflow

C.

SSL certificate hijacking

D.

Session replay

Buy Now
Questions 14

Accompany collects and stores sensitive data from thousands of IoT devices. The company's IoT security administrator is concerned about attacks that compromise confidentiality. Which of the following attacks is the security administrator concerned about? (Choose two.)

Options:

A.

Salami

B.

Aggregation

C.

Data diddling

D.

Denial of Service (DoS)

E.

Inference

Buy Now
Questions 15

A hacker is able to access privileged information via an IoT portal by modifying a SQL parameter in a URL. Which of the following BEST describes the vulnerability that allows this type of attack?

Options:

A.

Unvalidated redirect or forwarding

B.

Insecure HTTP session management

C.

Unsecure direct object references

D.

Unhandled malformed URLs

Buy Now
Questions 16

Which of the following methods or technologies is most likely to be used to protect an IoT portal against protocol fuzzing?

Options:

A.

Secure Hypertext Transfer Protocol (HTTPS)

B.

Public Key Infrastructure (PKI)

C.

Next-Generation Firewall (NGFW)

D.

Hash-based Message Authentication Code (HMAC)

Buy Now
Questions 17

A web application is connected to an IoT endpoint. A hacker wants to steal data from the connection between them. Which of the following is NOT a method of attack that could be used to facilitate stealing data?

Options:

A.

Cross-Site Request Forgery (CSRF)

B.

SQL Injection (SQLi)

C.

Cross-Site Scripting (XSS)

D.

LDAP Injection

Buy Now
Questions 18

A site administrator is not enforcing strong passwords or password complexity. To which of the following types of attacks is this system probably MOST vulnerable?

Options:

A.

Key logger attack

B.

Dictionary attack

C.

Collision attack

D.

Phishing attack

Buy Now
Questions 19

An IoT security architect needs to minimize the security risk of a radio frequency (RF) mesh application. Which of the following might the architect consider as part of the design?

Options:

A.

Make pairing between nodes very easy so that troubleshooting is reduced.

B.

Encrypt data transmission between nodes at the physical/logical layers.

C.

Prevent nodes from being rejected to keep the value of the network as high as possible.

D.

Allow implicit trust of all gateways since they are the link to the internet.

Buy Now
Questions 20

It is a new employee's first day on the job. When trying to access secured systems, he incorrectly enters his credentials multiple times. Which resulting action should take place?

Options:

A.

His account is deleted.

B.

He receives a new password.

C.

His account is locked.

D.

He notifies Human Resources.

Buy Now
Questions 21

Web forms that contain unvalidated fields are vulnerable to which of the following attacks? (Choose two.)

Options:

A.

Smurf

B.

Ping of death

C.

Cross-Site Scripting (XSS)

D.

Man-in-the-middle (MITM)

E.

SQL Injection (SQLi)

Buy Now
Questions 22

An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?

Options:

A.

Secure Hypertext Transmission Protocol (HTTPS)

B.

Internet Protocol Security (IPSec)

C.

Triple Data Encryption Standard (3DES)

D.

Message Digest 5 (MD5)

Buy Now
Questions 23

Which of the following encryption standards should an IoT developer select in order to implement an asymmetric key pair?

Options:

A.

Temporal Key Integrity Protocol (TKIP)

B.

Elliptic curve cryptography (ECC)

C.

Advanced Encryption Standard (AES)

D.

Triple Data Encryption Standard (3DES)

Buy Now
Questions 24

An IoT security practitioner should be aware of which common misconception regarding data in motion?

Options:

A.

That transmitted data is point-to-point and therefore a third party does not exist.

B.

The assumption that all data is encrypted properly and cannot be exploited.

C.

That data can change instantly so old data is of no value.

D.

The assumption that network protocols automatically encrypt data on the fly.

Buy Now
Questions 25

An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the following methods or technologies can the administrator implement in order to address this concern?

Options:

A.

Enable account lockout

B.

Enable account database encryption

C.

Require frequent password changes

D.

Require complex passwords

Buy Now
Questions 26

If an attacker were able to gain access to a user's machine on your network, which of the following actions would she most likely take next?

Options:

A.

Start log scrubbing

B.

Escalate privileges

C.

Perform port scanning

D.

Initiate reconnaissance

Buy Now
Questions 27

A manufacturer wants to ensure that approved software is delivered securely and can be verified prior to installation on its IoT devices. Which of the following technologies allows the manufacturer to meet this requirement?

Options:

A.

Advanced Encryption Standard (AES)

B.

Public Key Infrastructure (PKI)

C.

Generic Routing Encapsulation (GRE)

D.

Internet Protocol Security (IPsec)

Buy Now
Questions 28

An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A security practitioner has the data encrypted while stored on the gateway and encrypted while transmitted across the network. Should this person be concerned with privacy while the data is in use?

Options:

A.

Yes, because the hash wouldn't protect the integrity of the data.

B.

Yes, because the data is vulnerable during processing.

C.

No, since the data is already encrypted while at rest and while in motion.

D.

No, because the data is inside the CPU's secure region while being used.

Buy Now
Questions 29

An IoT security administrator is determining which cryptographic algorithm she should use to sign her server's digital certificates. Which of the following algorithms should she choose?

Options:

A.

Rivest Cipher 6 (RC6)

B.

Rijndael

C.

Diffie-Hellman (DH)

D.

Rivest-Shamir-Adleman (RSA)

Buy Now
Questions 30

Which of the following describes the most significant risk created by implementing unverified certificates on an IoT portal?

Options:

A.

The portal's Internet Protocol (IP) address can more easily be spoofed.

B.

Domain Name System (DNS) address records are more susceptible to hijacking.

C.

The portal's administrative functions do not require authentication.

D.

Man-in-the-middle (MITM) attacks can be used to eavesdrop on communications.

Buy Now
Exam Code: ITS-110
Exam Name: Certified Internet of Things Security Practitioner (CIoTSP)
Last Update: May 5, 2024
Questions: 100

PDF + Testing Engine

$66.4  $165.99
buy now ITS-110 pdf + testing engine

Testing Engine

$46  $114.99
buy now ITS-110 testing engine

PDF (Q&A)

$42  $104.99
buy now ITS-110 pdf