March Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 2493360325

Good News !!! ITS-110 Certified Internet of Things Security Practitioner(CIoTSP) is now Stable and With Pass Result

ITS-110 Practice Exam Questions and Answers

Certified Internet of Things Security Practitioner(CIoTSP)

Last Update 1 day ago
Total Questions : 100

ITS-110 is stable now with all latest exam questions are added 1 day ago. Just download our Full package and start your journey with CertNexus Certified Internet of Things Security Practitioner(CIoTSP) certification. All these CertNexus ITS-110 practice exam questions are real and verified by our Experts in the related industry fields.

ITS-110 PDF

ITS-110 PDF (Printable)
$48
$119.99

ITS-110 Testing Engine

ITS-110 PDF (Printable)
$56
$139.99

ITS-110 PDF + Testing Engine

ITS-110 PDF (Printable)
$70.8
$176.99
Question # 1

Which of the following is one way to implement countermeasures on an IoT gateway to ensure physical security?

Options:

A.  

Add tamper detection to the enclosure

B.  

Limit physical access to ports when possible

C.  

Allow quick administrator access for mitigation

D.  

Implement features in software instead of hardware

Discussion 0
Question # 2

A hacker wants to discover login names that may exist on a website. Which of the following responses to the login and password entries would aid in the discovery? (Choose two.)

Options:

A.  

Your login attempt was unsuccessful

B.  

Invalid password

C.  

That user does not exist

D.  

The username and/or password are incorrect

E.  

Incorrect email/password combination

Discussion 0
Question # 3

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

Options:

A.  

Network firewall

B.  

Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation

C.  

Web application firewall (WAF)

D.  

Deep Packet Inspection (DPI)

Discussion 0
Question # 4

In designing the campus of an IoT device manufacturer, a security consultant was hired to recommend best practices for deterring criminal behavior. Which of the following approaches would he have used to meet his client's needs?

Options:

A.  

Crime Prevention Through Environmental Design (CPTED)

B.  

British Standard 7799 part 3 (BS 7799-3)

C.  

International Organization for Standardization 17799 (ISO 17799)

D.  

National Institute of Standards and Technology Cybersecurity Framework (NIST CSF)

Discussion 0
Question # 5

A hacker is attempting to exploit a known software flaw in an IoT portal in order to modify the site's administrative configuration. Which of the following BEST describes the type of attack the hacker is performing?

Options:

A.  

Privilege escalation

B.  

Transmission control protocol (TCP) flooding

C.  

Application fuzzing

D.  

Birthday attack

Discussion 0
Question # 6

An IoT developer needs to ensure that user passwords for a smartphone app are stored securely. Which of the following methods should the developer use to meet this requirement?

Options:

A.  

Encrypt all stored passwords using 256-bit Advanced Encryption Standard (AES-256)

B.  

Encrypt all stored passwords using 128-bit Twofish

C.  

Hash all passwords using Message Digest 5 (MD5)

D.  

Store all passwords in read-only memory

Discussion 0
Question # 7

Which of the following functions can be added to the authorization component of AAA to enable the principal of least privilege with flexibility?

Options:

A.  

Discretionary access control (DAC)

B.  

Role-based access control (RBAC)

C.  

Mandatory access control (MAC)

D.  

Access control list (ACL)

Discussion 0
Question # 8

An IoT security administrator is concerned that someone could physically connect to his network and scan for vulnerable devices. Which of the following solutions should he install to prevent this kind of attack?

Options:

A.  

Media Access Control (MAC)

B.  

Network Access Control (NAC)

C.  

Host Intrusion Detection System (HIDS)

D.  

Network Intrusion Detection System (NIDS)

Discussion 0
Question # 9

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

Options:

A.  

Disassembler

B.  

Backdoor

C.  

Debugger

D.  

Stack pointer

Discussion 0
Question # 10

An IoT integrator wants to deploy an IoT gateway at the Edge and have it connect to the cloud via API. In order to minimize risk, which of the following actions should the integrator take before integration?

Options:

A.  

Write down the default login and password

B.  

Remove all logins and passwords that may exist

C.  

Create new credentials using a strong password

D.  

Reset the IoT gateway to factory defaults

Discussion 0
Question # 11

An IoT developer wants to ensure that their cloud management portal is protected against compromised end-user credentials. Which of the following technologies should the developer implement?

Options:

A.  

An authentication policy that requires a password at initial logon, and a second password in order to access advanced features.

B.  

An authentication policy which requires user passwords to include twelve characters, including uppercase, lowercase, and special characters.

C.  

An authentication policy that requires a user to provide a strong password and on-demand token delivered via SMS.

D.  

An authentication policy which requires two random tokens generated by a hardware device.

Discussion 0
Question # 12

A developer is coding for an IoT product in the healthcare sector. What special care must the developer take?

Options:

A.  

Make sure the user interface looks polished so that people will pay higher prices.

B.  

Apply best practices for privacy protection to minimize sensitive data exposure.

C.  

Rapidly complete the product so that feedback from the market can be realized sooner.

D.  

Slow down product development in order to obtain FDA approval with the first submission.

Discussion 0
Question # 13

Recently, you purchased a smart watch from Company

A.  

You receive a notification on your watch that you missed a call and have a new message. Upon checking the message, you hear the following:

“Hello, my name is Julie Simmons, and I'm with Company

A.  

I want to thank you for your recent purchase and send you a small token of our appreciation. Please call me back at 888-555-1234. You will need to enter your credit card number, so we can authenticate you and ship your gift. Thanks for being a valued customer and enjoy your gift!"

Which of the following types of attacks could this be?

Options:

A.  

Phishing

B.  

Spear phishing

C.  

Whaling

D.  

Vishing

Discussion 0
Question # 14

What is one popular network protocol that is usually enabled by default on home routers that creates a large attack surface?

Options:

A.  

Open virtual private network (VPN)

B.  

Universal Plug and Play (UPnP)

C.  

Network Address Translation (NAT)

D.  

Domain Name System Security Extensions (DNSSEC)

Discussion 0
Question # 15

An OT security practitioner wants to implement two-factor authentication (2FA). Which of the following is the least secure method to use for implementation?

Options:

A.  

Out-of-band authentication (OOBA)

B.  

2FA over Short Message Service (SMS)

C.  

Authenticator Apps for smartphones

D.  

Fast Identity Online (FIDO) Universal 2nd Factor (U2F) USB key

Discussion 0
Get ITS-110 dumps and pass your exam in 24 hours!

Free Exams Sample Questions