An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product. Since bugs could be found after deployment, which of the following should be part of the overall solution?
Which of the following attacks utilizes Media Access Control (MAC) address spoofing?
Network filters based on Ethernet burned-in addresses are vulnerable to which of the following attacks?
An IoT system administrator discovers that hackers are using rainbow tables to compromise user accounts on their cloud management portal. What should the administrator do in order to mitigate this risk?
A compromised IoT device is initiating random connections to an attacker's server in order to exfiltrate sensitive data. Which type of attack is being used?
An IoT device has many sensors on it and that sensor data is sent to the cloud. An IoT security practitioner should be sure to do which of the following in regard to that sensor data?
An embedded developer is about to release an IoT gateway. Which of the following precautions must be taken to minimize attacks due to physical access?
Requiring randomly generated tokens for each connection from an IoT device to the cloud can help mitigate which of the following types of attacks?
A hacker enters credentials into a web login page and observes the server's responses. Which of the following attacks is the hacker attempting?
A software developer for an IoT device company is creating software to enhance the capabilities of his company's security cameras. He wants the end users to be confident that the software they are downloading from his company's support site is legitimate. Which of the following tools or techniques should he utilize?
An IoT service collects massive amounts of data and the developer is encrypting the data, forcing administrative users to authenticate and be authorized. The data is being disposed of properly and on a timely basis. However, which of the following countermeasures is the developer most likely overlooking?
A web administrator is concerned about injection attacks. Which of the following mitigation techniques should the web administrator implement?
A hacker wants to record a live session between a user and a host in hopes that parts of the datastream can be used to spoof the session. Which of the following attacks is this person attempting?
An IoT security administrator wants to encrypt the database used to store sensitive IoT device data. Which of the following algorithms should he choose?
An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?
You work for an IoT software-as-a-service (SaaS) provider. Your boss has asked you to research a way to effectively dispose of stored sensitive customer data. Which of the following methods should you recommend to your boss?
An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the following methods or technologies can the administrator implement in order to address this concern?
A corporation's IoT security administrator has configured his IoT endpoints to send their data directly to a database using Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Which entity provides the symmetric key used to secure the data in transit?
A company collects and stores sensitive data from thousands of IoT devices. The company's IoT security administrator is concerned about attacks that compromise confidentiality. Which of the following attacks is the security administrator concerned about? (Choose two.)
An IoT system administrator discovers that unauthorized users are able to log onto and access data on remote IoT monitoring devices. What should the system administrator do on the remote devices in order to address this issue?
An IoT device which allows unprotected shell access via console ports is most vulnerable to which of the following risks?
A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?
Which of the following attacks is a reflected Distributed Denial of Service (DDoS) attack?
Recently, you purchased a smart watch from Company A. You receive a notification on your watch that you missed a call and have a new message. Upon checking the message, you hear the following:
“Hello, my name is Julie Simmons, and I'm with Company A. I want to thank you for your recent purchase and send you a small token of our appreciation. Please call me back at 888-555-1234. You will need to enter your credit card number, so we can authenticate you and ship your gift. Thanks for being a valued customer and enjoy your gift!”
Which of the following types of attacks could this be?
A network administrator is looking to implement best practices for the organization's password policy. Which of the following elements should the administrator include?
An OT security practitioner wants to implement two-factor authentication (2FA). Which of the following is the least secure method to use for implementation?