Download Certified Internet of Things Security Practitioner.ITS-110.VCEplus.2023-08-17.33q.vcex

Vendor: CertNexus
Exam Code: ITS-110
Exam Name: Certified Internet of Things Security Practitioner
Date: Aug 17, 2023
File Size: 20 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Coupon: EXAM_HUB

Discount: 20%

Demo Questions

Question 1
A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?
  1. Network firewall
  2. Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation
  3. Web application firewall (WAF)
  4. Deep Packet Inspection (DPI)
Correct answer: B
Question 2
What is one popular network protocol that is usually enabled by default on home routers that creates a large attack surface?
  1. Open virtual private network (VPN)
  2. Universal Plug and Play (UPnP)
  3. Network Address Translation (NAT)
  4. Domain Name System Security Extensions (DNSSEC)
Correct answer: B
Question 3
An IoT systems administrator needs to be able to detect packet injection attacks. Which of the follow methods or technologies is the administrator most likely to implement? 
  1. Internet Protocol Security (IPSec) with Encapsulating Security Payload (ESP)
  2. Point-to-Point Tunneling Protocol (PPTP)
  3. Layer 2 Tunneling Protocol (L2TP)
  4. Internet Protocol Security (IPSec) with Authentication Headers (AH)
Correct answer: D
Question 4
An IoT developer wants to ensure all sensor to portal communications are as secure as possible and do not require any client-side configuration. Which of the following is the developer most likely to use?
  1. Virtual Private Networking (VPN)
  2. Public Key Infrastructure (PKI)
  3. IP Security (IPSec)
  4. Secure/Multipurpose Internet Mail Extensions (S/MIME)
Correct answer: C
Question 5
An IoT security practitioner should be aware of which common misconception regarding data in motion?
  1. That transmitted data is point-to-point and therefore a third party does not exist.
  2. The assumption that all data is encrypted properly and cannot be exploited.
  3. That data can change instantly so old data is of no value. 
  4. The assumption that network protocols automatically encrypt data on the fly.
Correct answer: B
Question 6
A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?
  1. Secure Shell (SSH)
  2. Internet Protocol Security (IPSec)
  3. Telnet
  4. Virtual private network (VPN)
Correct answer: B
Question 7
A corporation's IoT security administrator has configured his IoT endpoints to send their data directly to a database using Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Which entity provides the symmetric key used to secure the data in transit?
  1. The administrator's machine
  2. The database server
  3. The Key Distribution Center (KDC)
  4. The IoT endpoint
Correct answer: B
Question 8
An IoT security architect needs to secure data in motion. Which of the following is a common vulnerability used to exploit unsecure data in motion?
  1. External flash access
  2. Misconfigured Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
  3. Databases and datastores
  4. Lack of memory space isolation
Correct answer: B
Question 9
In order to successfully perform a man-in-the-middle (MITM) attack against a secure website, which of the following could be true?
  1. Client to server traffic must use Hypertext Transmission Protocol (HTTP)
  2. The server must be vulnerable to malformed Uniform Resource Locator (URL) injection
  3. The server must be using a deprecated version of Transport Layer Security (TLS)
  4. The web server's X.509 certificate must be compromised
Correct answer: C
Question 10
An IoT security administrator wishes to mitigate the risk of falling victim to Distributed Denial of Service (DDoS) attacks. Which of the following mitigation strategies should the security administrator implement? 
(Choose two.)
  1. Block all inbound packets with an internal source IP address
  2. Block all inbound packets originating from service ports
  3. Enable unused Transmission Control Protocol (TCP) service ports in order to create a honeypot
  4. Block the use of Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) through his perimeter firewall
  5. Require the use of X.509 digital certificates for all incoming requests
Correct answer: DE

Use VCE Exam Simulator to open VCE files


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!