CertNexus Certified IoT Security Practitioner ITS-110 Exam Questions

test2023-01-09T08:25:25+00:00

To prepare for the CertNexus Certified IoT Security Practitioner (ITS-110) exam, you should first familiarize yourself with the exam objectives and the knowledge areas that will be tested. You can find the exam objectives on the CertNexus website.

Once you have a good understanding of the exam content, you can start studying for the exam using a variety of resources. Some suggestions for study materials include:

CertNexus’s own training course for the ITS-110 exam
Books or online tutorials on IoT security
Practice exams to test your knowledge and identify areas where you may need additional study
Online forums or discussion groups where you can ask questions and interact with other professionals who are also preparing for the exam

It is also important to have some practical experience working with IoT systems and security to fully understand the concepts covered in the exam. This may involve hands-on projects or internships in which you can apply the knowledge and skills you have learned.

Finally, make sure to allow yourself enough time to study and prepare for the exam. It is a good idea to start studying well in advance of the exam date to give yourself plenty of time to absorb the material and practice your skills.

Page 1 of 3

1. A security practitioner wants to encrypt a large datastore.

Which of the following is the BEST choice to implement?

Asymmetric encryption standards

Symmetric encryption standards

Elliptic curve cryptography (ECC)

Diffie-Hellman (DH) algorithm

2. A developer needs to apply a family of protocols to mediate network access. Authentication and Authorization has been implemented properly.

Which of the following is the missing component?

Management

Accounting

Auditing

Inventory

3. An IoT security administrator wants to encrypt the database used to store sensitive IoT device data.

Which of the following algorithms should he choose?

Triple Data Encryption Standard (3DES)

ElGamal

Rivest-Shamir-Adleman (RSA)

Secure Hash Algorithm 3-512 (SHA3-512)

4. An IoT manufacturer discovers that hackers have injected malware into their devices’ firmware updates.

Which of the following methods could the manufacturer use to mitigate this risk?

Ensure that all firmware updates are signed with a trusted certificate

Ensure that all firmware updates are stored using 256-bit encryption

Ensure that firmware updates can only be installed by trusted administrators

Ensure that firmware updates are delivered using Internet Protocol Security (IPSec)

5. Which of the following technologies allows for encryption of networking communications without requiring any configuration on IoT endpoints?

Transport Layer Security (TLS)

Internet Protocol Security (IPSec)

Virtual private network (VPN)

Elliptic curve cryptography (ECC)

6. A DevOps engineer wants to provide secure network services to an IoT/cloud solution.

Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

Network firewall

Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation

Web application firewall (WAF)

Deep Packet Inspection (DPI)

7. An IoT security administrator realizes that when he attempts to visit the administrative website for his devices, he is sent to a fake website.

To which of the following attacks has he likely fallen victim?

Buffer overflow

Denial of Service (DoS)

Birthday attack

Domain name system (DNS) poisoning

8. A developer is coding for an IoT product in the healthcare sector.

What special care must the developer take?

Make sure the user interface looks polished so that people will pay higher prices.

Apply best practices for privacy protection to minimize sensitive data exposure.

Rapidly complete the product so that feedback from the market can be realized sooner.

Slow down product development in order to obtain FDA approval with the first submission.

9. An embedded engineer wants to implement security features to be sure that the IoT gateway under development will only load verified images.

Which of the following countermeasures could be used to achieve this goal?

Implement Over-The-Air (OTA) updates

Enforce a secure boot function

Enforce a measured boot function

Harden the update server

10. An IoT system administrator discovers that hackers are using rainbow tables to compromise user accounts on their cloud management portal.

What should the administrator do in order to mitigate this risk?

Implement robust password policies

Implement certificates on all login pages

Implement granular role-based access

Implement URL filtering

Page 2 of 3

11. A user grants an IoT manufacturer consent to store personally identifiable information (PII).

According to the General Data Protection Regulation (GDPR), when is an organization required to delete this data?

Within ninety days after collection, unless required for a legal proceeding

Within thirty days of a user's written request

Within seven days of being transferred to secure, long-term storage

Within sixty days after collection, unless encrypted

12. Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

Disassembler

Backdoor

Debugger

Stack pointer

13. Which of the following attacks relies on the trust that a website has for a user's browser?

Phishing

SQL Injection (SQLi)

Cross-Site Scripting (XSS)

Cross-Site Request Forgery (CSRF)

14. An IoT systems administrator needs to be able to detect packet injection attacks.

Which of the follow methods or technologies is the administrator most likely to implement?

Internet Protocol Security (IPSec) with Encapsulating Security Payload (ESP)

Point-to-Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Internet Protocol Security (IPSec) with Authentication Headers (AH)

15. A network administrator is looking to implement best practices for the organization's password policy.

Which of the following elements should the administrator include?

Maximum length restriction

Password history checks

No use of special characters

No password expiration

16. An IoT integrator wants to deploy an IoT gateway at the Edge and have it connect to the cloud via API.

In order to minimize risk, which of the following actions should the integrator take before integration?

Write down the default login and password

Remove all logins and passwords that may exist

Create new credentials using a strong password

Reset the IoT gateway to factory defaults

17. An IoT developer wants to ensure that their cloud management portal is protected against compromised end-user credentials.

Which of the following technologies should the developer implement?

An authentication policy that requires a password at initial logon, and a second password in order to access advanced features.

An authentication policy which requires user passwords to include twelve characters, including uppercase, lowercase, and special characters.

An authentication policy that requires a user to provide a strong password and on-demand token delivered via SM

An authentication policy which requires two random tokens generated by a hardware device.

18. Which of the following techniques protects the confidentiality of the information stored in databases?

Hashing

Archiving

Monitoring

Encryption

19. A hacker is attempting to exploit a known software flaw in an IoT portal in order to modify the site's administrative configuration.

Which of the following BEST describes the type of attack the hacker is performing?

Privilege escalation

Transmission control protocol (TCP) flooding

Application fuzzing

Birthday attack

20. A hacker wants to discover login names that may exist on a website.

Which of the following responses to the login and password entries would aid in the discovery? (Choose two.)

Your login attempt was unsuccessful

Invalid password

That user does not exist

The username and/or password are incorrect

Incorrect email/password combination

Page 3 of 3

21. A developer needs to implement a highly secure authentication method for an IoT web portal.

Which of the following authentication methods offers the highest level of identity assurance for end users?

A hardware-based token generation device

509 certificate stored on a smart card

Two-step authentication with complex passwords

Multi-factor authentication with three factors

22. Which of the following describes the most significant risk created by implementing unverified certificates on an IoT portal?

The portal's Internet Protocol (IP) address can more easily be spoofed.

Domain Name System (DNS) address records are more susceptible to hijacking.

The portal's administrative functions do not require authentication.

Man-in-the-middle (MITM) attacks can be used to eavesdrop on communications.

23. You work for an IoT software-as-a-service (SaaS) provider. Your boss has asked you to research a way to effectively dispose of stored sensitive customer data.

Which of the following methods should you recommend to your boss?

Crypto-shredding

Degaussing

Overwriting

Physical destruction

24. A hacker enters credentials into a web login page and observes the server's responses.

Which of the following attacks is the hacker attempting?

Account enumeration

Directory traversal

Buffer overflow

Spear phishing

25. An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product.

Since bugs could be found after deployment, which of the following should be part of the overall solution?

A money back guarantee, no questions asked

Over-the-Air (OTA) software updates

A lifetime transferable warranty

Free firmware updates if the product is sent back to the manufacturer

CertNexus Certified IoT Security Practitioner ITS-110 Exam Questions

CertNexus Certified IoT Security Practitioner ITS-110 Exam Questions

Share this post

Author

Leave a Reply Cancel reply

Related Posts

Free Access To CFR-410 CyberSec First Responder (CFR) Exam Dumps