ITS-110 Questions and Answers

Question # 6

Which of the following technologies allows for encryption of networking communications without requiring any configuration on IoT endpoints?

A. Transport Layer Security (TLS)

B. Internet Protocol Security (IPSec)

C. Virtual private network (VPN)

D. Elliptic curve cryptography (ECC)

Question # 7

Which of the following methods is an IoT portal administrator most likely to use in order to mitigate Distributed Denial of Service (DDoS) attacks?

A. Implement Domain Name System Security Extensions (DNSSEC) on all Internet-facing name servers

B. Disable Network Address Translation Traversal (NAT-T) at the border firewall

C. Implement traffic scrubbers on the upstream Internet Service Provider (ISP) connection

D. Require Internet Protocol Security (IPSec) for all inbound portal connections

Question # 8

You work for a business-to-consumer (B2C) IoT device company. Your organization wishes to publish an annual report showing statistics related to the volume and variety of sensor data it collects. Which of the following should your organization do prior to using this information?

A. Confirm the devices they've sold are turned on

B. Ensure all sensors are running the latest software

C. Require customers to sign a subscription license

D. Remove any customer-specific data

Question # 9

An embedded developer is about to release an IoT gateway. Which of the following precautions must be taken to minimize attacks due to physical access?

A. Allow access only to the software

B. Remove all unneeded physical ports

C. Install a firewall on network ports

D. Allow easy access to components

Question # 10

Requiring randomly generated tokens for each connection from an IoT device to the cloud can help mitigate which of the following types of attacks?

A. Malformed URL injection

B. Buffer overflow

C. SSL certificate hijacking

D. Session replay

Question # 11

A user grants an IoT manufacturer consent to store personally identifiable information (PII). According to the General Data Protection Regulation (GDPR), when is an organization required to delete this data?

A. Within ninety days after collection, unless required for a legal proceeding

B. Within thirty days of a user's written request

C. Within seven days of being transferred to secure, long-term storage

D. Within sixty days after collection, unless encrypted

Question # 12

If a site administrator wants to improve the secure access to a cloud portal, which of the following would be the BEST countermeasure to implement?

A. Require frequent password changes

B. Mandate multi-factor authentication (MFA)

C. Utilize role-based access control (RBAC)

D. Require separation of duties

Question # 13

An IoT device has many sensors on it and that sensor data is sent to the cloud. An IoT security practitioner should be sure to do which of the following in regard to that sensor data?

A. Collect as much data as possible so as to maximize potential value of the new IoT use-case.

B. Collect only the minimum amount of data required to perform all the business functions.

C. The amount or type of data collected isn't important if you have a properly secured IoT device.

D. The amount or type of data collected isn't important if you implement proper authorization controls.

Question # 14

Which of the following items should be part of an IoT software company's data retention policy?

A. Transport encryption algorithms

B. X.509 certificate expiration

C. Data backup storage location

D. Password expiration requirements

Question # 15

An IoT integrator wants to deploy an IoT gateway at the Edge and have it connect to the cloud via API. In order to minimize risk, which of the following actions should the integrator take before integration?

A. Write down the default login and password

B. Remove all logins and passwords that may exist

C. Create new credentials using a strong password

D. Reset the IoT gateway to factory defaults

Question # 16

An IoT security administrator realizes that when he attempts to visit the administrative website for his devices, he is sent to a fake website. To which of the following attacks has he likely fallen victim?

A. Buffer overflow

B. Denial of Service (DoS)

C. Birthday attack

D. Domain name system (DNS) poisoning

Question # 17

Which of the following attacks would most likely be used to discover users, printers, and other objects within a network?

A. Distributed Denial of Service (DDoS)

B. SYN flood

C. LDAP Injection

D. Denial of Service (DoS)

Question # 18

It is a new employee's first day on the job. When trying to access secured systems, he incorrectly enters his credentials multiple times. Which resulting action should take place?

A. His account is deleted.

B. He receives a new password.

C. His account is locked.

D. He notifies Human Resources.

Question # 19

An IoT security architect needs to minimize the security risk of a radio frequency (RF) mesh application. Which of the following might the architect consider as part of the design?

A. Make pairing between nodes very easy so that troubleshooting is reduced.

B. Encrypt data transmission between nodes at the physical/logical layers.

C. Prevent nodes from being rejected to keep the value of the network as high as possible.

D. Allow implicit trust of all gateways since they are the link to the internet.

Question # 20

An IoT security practitioner should be aware of which common misconception regarding data in motion?

A. That transmitted data is point-to-point and therefore a third party does not exist.

B. The assumption that all data is encrypted properly and cannot be exploited.

C. That data can change instantly so old data is of no value.

D. The assumption that network protocols automatically encrypt data on the fly.

Question # 21

The network administrator for an organization has read several recent articles stating that replay attacks are on the rise. Which of the following secure protocols could the administrator implement to prevent replay attacks via remote workers’ VPNs? (Choose three.)

A. Internet Protocol Security (IPSec)

B. Enhanced Interior Gateway Routing Protocol (EIGRP)

C. Password Authentication Protocol (PAP)

D. Challenge Handshake Authentication Protocol (CHAP)

E. Simple Network Management Protocol (SNMP)

F. Layer 2 Tunneling Protocol (L2TP)

G. Interior Gateway Routing Protocol (IGRP)

Question # 22

A developer needs to apply a family of protocols to mediate network access. Authentication and Authorization have been implemented properly. Which of the following is the missing component?

A. Management

B. Accounting

C. Auditing

D. Inventory

Question # 23

A web application is connected to an IoT endpoint. A hacker wants to steal data from the connection between them. Which of the following is NOT a method of attack that could be used to facilitate stealing data?

A. Cross-Site Request Forgery (CSRF)

B. SQL Injection (SQLi)

C. Cross-Site Scripting (XSS)

D. LDAP Injection

Question # 24

An IoT security administrator is concerned that someone could physically connect to his network and scan for vulnerable devices. Which of the following solutions should he install to prevent this kind of attack?

A. Media Access Control (MAC)

B. Network Access Control (NAC)

C. Host Intrusion Detection System (HIDS)

D. Network Intrusion Detection System (NIDS)

Question # 25

Which of the following attacks is a reflected Distributed Denial of Service (DDoS) attack?

A. Teardrop

B. Ping of Death

C. SYN flood

D. Smurf

Question # 26

An IoT security administrator wants to encrypt the database used to store sensitive IoT device data. Which of the following algorithms should he choose?

A. Triple Data Encryption Standard (3DES)

B. ElGamal

C. Rivest-Shamir-Adleman (RSA)

D. Secure Hash Algorithm 3-512 (SHA3-512)

Question # 27

Which of the following policies provides the BEST protection against identity theft when data stored on an IoT portal has been compromised?

A. Data retention policies

B. Data categorization policies

C. Data anonymization policies

D. Data disposal policies

Question # 28

A company collects and stores sensitive data from thousands of IoT devices. The company's IoT security administrator is concerned about attacks that compromise confidentiality. Which of the following attacks is the security administrator concerned about? (Choose two.)

A. Salami

B. Aggregation

C. Data diddling

D. Denial of Service (DoS)

E. Inference

Question # 29

A network administrator is looking to implement best practices for the organization's password policy. Which of the following elements should the administrator include?

A. Maximum length restriction

B. Password history checks

C. No use of special characters

D. No password expiration

Question # 30

An OT security practitioner wants to implement two-factor authentication (2FA). Which of the following is the least secure method to use for implementation?

A. Out-of-band authentication (OOBA)

B. 2FA over Short Message Service (SMS)

C. Authenticator Apps for smartphones

D. Fast Identity Online (FIDO) Universal 2nd Factor (U2F) USB key
