Sure Pass Exam ITS-110 PDF

Page: 6 / 8
Total 100 questions

Certified Internet of Things Security Practitioner (CIoTSP) Questions and Answers

Question 21

An IoT security administrator is concerned about an external attacker using the internal device management local area network (LAN) to compromise his IoT devices. Which of the following countermeasures should the security administrator implement? (Choose three.)

Options:

A. Require the use of Password Authentication Protocol (PAP)

B. Create a separate management virtual LAN (VLAN)

C. Ensure that all IoT management servers are running antivirus software

D. Implement 802.1X for authentication

E. Ensure that the Time To Live (TTL) flag for outgoing packets is set to 1

F. Only allow outbound traffic from the management LAN

G. Ensure that all administrators access the management server at specific times

Question 22

A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?

Options:

A. Bootloader code is stored in unsecure flash memory

B. The portal's certificate is stored in unsecure flash memory

C. X.509 private keys are stored in unsecure flash memory

D. Firmware is loaded from flash using unsecure object references

Question 23

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

Options:

A. Gramm-Leach-Bliley Act (GLBA)

B. Payment Card Industry Data Security Standard (PCI-DSS)

C. Federal Information Security Management Act (FISMA)

D. Sarbanes-Oxley (SOX)

E. Health Insurance Portability and Accountability Act (HIPAA)

F. Family Educational Rights and Privacy Act (FERPA)

G. Federal Energy Regulatory Commission (FERC)

Question 24

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

Options:

A. Disassembler

B. Backdoor

C. Debugger

D. Stack pointer
