Question No : 1
Which of the following encryption standards should an IoT developer select in order to implement an asymmetric key pair?

• A.Temporal Key Integrity Protocol (TKIP)
• B.Elliptic curve cryptography (ECC)
• C.Advanced Encryption Standard (AES)
• D.Triple Data Encryption Standard (3DES)

Show Answers

Answer:

Question No : 2
What is one popular network protocol that is usually enabled by default on home routers that creates a large attack surface?

• A.Open virtual private network (VPN)
• B.Universal Plug and Play (UPnP)
• C.Network Address Translation (NAT)
• D.Domain Name System Security Extensions (DNSSEC)

Show Answers

Answer:
Explanation:
Reference: https://phoenixnap.com/blog/what-is-upnp

Question No : 3
An IoT system administrator wants to mitigate the risk of rainbow table attacks.
Which of the following methods or technologies can the administrator implement in order to address this concern?

• A.Enable account lockout
• B.Enable account database encryption
• C.Require frequent password changes
• D.Require complex passwords

Show Answers

Answer:

Question No : 4
An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A security practitioner has the data encrypted while stored on the gateway and encrypted while transmitted across the network.
Should this person be concerned with privacy while the data is in use?

• A.Yes, because the hash wouldn't protect the integrity of the data.
• B.Yes, because the data is vulnerable during processing.
• C.No, since the data is already encrypted while at rest and while in motion.
• D.No, because the data is inside the CPU's secure region while being used.

Show Answers

Answer:

Question No : 5
A site administrator is not enforcing strong passwords or password complexity. To which of the following types of attacks is this system probably MOST vulnerable?

• A.Key logger attack
• B.Dictionary attack
• C.Collision attack
• D.Phishing attack

Show Answers

Answer:
Explanation:
Reference: https://www.techtarget.com/searchsecurity/definition/dictionary-attack

Question No : 6
An IoT software developer wants the users of her software tools to know if they have been modified by someone other than her.
Which of the following tools or techniques should she use?

• A.Encryption
• B.Obfuscation
• C.Hashing
• D.Fuzzing

Show Answers

Answer:

Question No : 7
An IoT developer discovers that clients frequently fall victim to phishing attacks.
What should the developer do in order to ensure that customer accounts cannot be accessed even if the customer's password has been compromised?

• A.Implement two-factor authentication (2FA)
• B.Enable Kerberos authentication
• C.Implement account lockout policies
• D.Implement Secure Lightweight Directory Access Protocol (LDAPS)

Show Answers

Answer:

Question No : 8
An IoT security administrator wishes to mitigate the risk of falling victim to Distributed Denial of Service (DDoS) attacks.
Which of the following mitigation strategies should the security administrator implement? (Choose two.)

• A.Block all inbound packets with an internal source IP address
• B.Block all inbound packets originating from service ports
• C.Enable unused Transmission Control Protocol (TCP) service ports in order to create a honeypot
• D.Block the use of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) through his perimeter firewall
• E.Require the use of
• F.509 digital certificates for all incoming requests

Show Answers

Answer:

Question No : 9
Which of the following technologies allows for encryption of networking communications without requiring any configuration on IoT endpoints?

• A.Transport Layer Security (TLS)
• B.Internet Protocol Security (IPSec)
• C.Virtual private network (VPN)
• D.Elliptic curve cryptography (ECC)

Show Answers

Answer:

Question No : 10
An IoT developer has endpoints that are shipped to users in the field.
Which of the following best practices must be implemented for using default passwords after delivery?

• A.Implement two-factor authentication (2FA)
• B.Force a password change upon initial login
• C.Apply granular role-based access
• D.Protect against account enumeration

Show Answers

Answer: