Question 1

A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?

Accepted Answer

B

Explanation: In many Internet of Things (IoT) architectures, remote sensors and devices are managed as a group. To secure communications, a Virtual Private Network (VPN) using the Internet Protocol Security (IPSec) suite is often established between the management station and the remote network gateway. This creates a secure tunnel, encrypting all traffic. Within this tunnel, administrators might use lightweight, unencrypted protocols for sessions, assuming the tunnel provides confidentiality. If the IPSec tunnel is misconfigured or disabled, this layer of protection is lost, and the administrative session traffic is transmitted in cleartext over the public internet, making it vulnerable to eavesdropping.

Question 2

Accompany collects and stores sensitive data from thousands of IoT devices. The company's IoT
security administrator is concerned about attacks that compromise confidentiality. Which of the
following attacks is the security administrator concerned about? (Choose two.)

Accepted Answer

B, E

Explanation: The administrator's concern is with attacks that compromise confidentiality, meaning the unauthorized disclosure of sensitive information. Aggregation is the technique of combining multiple pieces of non-sensitive data to infer sensitive information. For example, combining IoT sensor data on energy usage, water flow, and motion detection could reveal when occupants are home, which is confidential. Inference is the process of deriving sensitive information from available data through analysis. An attacker could infer a user's health status by analyzing data from a smart appliance and a wearable fitness tracker. Both attacks directly result in learning sensitive information that was not explicitly provided, thus violating confidentiality.

Question 3

You work for a multi-national IoT device vendor. Your European customers are complaining about
their inability to access the personal information about them that you have collected. Which of the
following regulations is your organization at risk of violating?

Accepted Answer

B

Explanation: The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union (EU). A core tenet of GDPR is granting individuals, referred to as data subjects, specific rights over their personal data. The scenario describes European customers being unable to access their personal information, which directly relates to the "right of access by the data subject" enshrined in Article 15 of the GDPR. This right mandates that organizations must provide individuals with a copy of their personal data upon request. As the company is a multi-national vendor with European customers, it is subject to GDPR and is at risk of violating this fundamental right.

Question 4

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

Accepted Answer

B

Explanation: A backdoor is a covert method of bypassing normal authentication or security mechanisms to gain access to a system. Software developers may legitimately implement a backdoor during the development phase to facilitate easier testing, debugging, or administrative access. Conversely, attackers install backdoors on compromised systems to create a persistent, hidden entry point. This allows them to maintain remote control and access the system in the future, even if the original vulnerability that granted them initial entry is discovered and patched. This dual-use nature, serving both legitimate maintenance and malicious control, makes it the correct answer.

Question 5

An IoT system administrator discovers that unauthorized users are able to log onto and access data
on remote IoT monitoring devices. What should the system administrator do on the remote devices
in order to address this issue?

Accepted Answer

C

Explanation: The issue described is unauthorized users logging onto remote IoT devices. This is a classic indicator of compromised or weak authentication credentials. The most common vulnerability of this type in IoT ecosystems is the use of factory-default usernames and passwords, which are often publicly documented and rarely changed by administrators. Changing the default passwords on all devices is the most direct and immediate action to revoke access for unauthorized users who are exploiting these known credentials, thereby resolving the primary security flaw.

Question 6

A developer is coding for an IoT product in the healthcare sector. What special care must the developer take?

Accepted Answer

B

Explanation: IoT products in the healthcare sector frequently collect, process, and transmit sensitive Protected Health Information (PHI). This data is subject to stringent legal and ethical standards, most notably the Health Insurance Portability and Accountability Act (HIPAA) in the United States. A developer's primary responsibility is to engineer the product with robust security and privacy controls from the outset. Applying best practices for privacy protection, such as data encryption, access control, and secure data handling, is a critical and non-negotiable requirement to prevent data breaches, ensure patient confidentiality, and maintain regulatory compliance.

Question 7

A security practitioner wants to encrypt a large datastore. Which of the following is the BEST choice to implement?

Accepted Answer

B

Explanation: Symmetric encryption standards, such as the Advanced Encryption Standard (AES), are the most appropriate choice for encrypting large datastores. These algorithms are designed for high performance and computational efficiency, allowing for the rapid encryption and decryption of large volumes of data (bulk data). Asymmetric encryption is significantly slower and more resource-intensive, making it impractical for this purpose. Symmetric encryption uses a single shared key, which is optimized for high-throughput operations required for encrypting entire databases, file systems, or archives.

Question 8

If an attacker were able to gain access to a user's machine on your network, which of the following actions would she most likely take next?

Accepted Answer

B

Explanation: After an attacker gains initial access to a user's machine, their most critical and immediate objective is to solidify and improve their position. Escalating privileges from a standard user account to an administrative or SYSTEM/root account is the most effective way to achieve this. Gaining elevated privileges allows the attacker to bypass local security controls, install persistent software, access protected data such as credentials from memory (e.g., LSASS), and gain unrestricted ability to perform further actions like internal reconnaissance. While some reconnaissance is possible with low privileges, securing a stable, high-privilege foothold is the tactical priority before expanding operations within the network.

Question 9

A manufacturer wants to ensure that approved software is delivered securely and can be verified
prior to installation on its IoT devices. Which of the following technologies allows the manufacturer
to meet this requirement?

Accepted Answer

B

Explanation: Public Key Infrastructure (PKI) is a framework that uses public-key cryptography to manage digital certificates and identities. For secure software delivery, a manufacturer uses its private key to create a digital signature for the software package. This signature is then bundled with the software. The IoT device, which has the manufacturer's public key pre-installed in a trusted root store, can use this key to verify the signature. This process confirms both the software's authenticity (it genuinely came from the manufacturer) and its integrity (it has not been altered since being signed), directly meeting the requirement for verification prior to installation.

Question 10

An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A
security practitioner has the data encrypted while stored on the gateway and encrypted while
transmitted across the network. Should this person be concerned with privacy while the data is in
use?

Accepted Answer

B

Explanation: Data security is typically categorized into three states: data in motion (during transmission), data at rest (in storage), and data in use (during processing). The scenario describes protections for the first two states using encryption. However, for a standard CPU to perform computations, data must be decrypted and loaded into system memory (RAM). While in this "in use" state, the unencrypted, plaintext data is vulnerable to memory-scraping malware, unauthorized privileged access, or side-channel attacks that can read the contents of RAM. Therefore, even with robust encryption for data at rest and in motion, a significant privacy risk remains during the processing phase.

Question 11

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the
following countermeasures should be implemented to mitigate network attacks that can render a
network useless?

Accepted Answer

B

Explanation: The question asks for a countermeasure against network attacks that can "render a network useless." This phrase directly describes the goal of a Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack. These attacks overwhelm a network's resources, such as bandwidth or server capacity, with malicious traffic, making it unavailable to legitimate users. Therefore, implementing specific DoS/DDoS mitigation techniques, which are designed to detect and filter this malicious traffic, is the most direct and effective countermeasure to prevent the network from being rendered useless.

Question 12

Which of the following is the BEST encryption standard to implement for securing bulk data?

Accepted Answer

B

Explanation: The Advanced Encryption Standard (AES) is the current industry and government standard for symmetric block ciphers. It is designed to be highly efficient in both hardware and software, making it ideal for encrypting large volumes of data, or "bulk data." AES offers strong security with multiple key lengths (128, 192, and 256 bits) and has withstood extensive cryptanalysis. Its combination of speed, security, and widespread adoption makes it the best choice for this purpose.

Question 13

Which of the following is one way to implement countermeasures on an IoT gateway to ensure physical security?

Accepted Answer

B

Explanation: Limiting physical access to ports is a fundamental and critical countermeasure for securing an IoT gateway. Unprotected ports, such as USB, JTAG, or serial console ports, represent a significant physical attack surface. An attacker with physical access could use these ports to dump firmware, access a command-line interface, bypass security controls, or introduce malicious code. By disabling unused ports in the software/firmware or physically blocking them (e.g., with epoxy or locking covers), an organization can effectively prevent these common physical attack vectors, thereby hardening the device against unauthorized access and tampering.

Question 14

An IoT security architect wants to implement Bluetooth between two nodes. The Elliptic Curve Diffie-
Hellman (ECDH) cipher suite has been identified as a requirement. Which of the following Bluetooth
versions can meet this requirement?

Accepted Answer

B

Explanation: The requirement for the Elliptic Curve Diffie-Hellman (ECDH) cipher suite is met by the LE Secure Connections pairing feature. This feature was introduced specifically in the Bluetooth Core Specification version 4.2. LE Secure Connections uses the FIPS-approved ECDH key exchange protocol to provide robust security against passive eavesdropping and man-in-the-middle (MITM) attacks. Bluetooth versions prior to 4.2, such as 4.0 and 4.1, use a method called LE Legacy Pairing, which does not utilize ECDH and is known to be vulnerable. Therefore, only BLE v4.2 and later versions can satisfy the requirement.

Question 15

A hacker wants to record a live session between a user and a host in hopes that parts of the datastream can be used to spoof the session. Which of the following attacks is this person attempting?

Accepted Answer

B

Explanation: A session replay attack involves an attacker intercepting and recording a valid user's data session with a host or server. The attacker then re-transmits, or "replays," this captured data (which can include session tokens or cookies) to the server. The server, unable to distinguish the replayed session from the original legitimate one, grants the attacker the same access and privileges as the original user. The question's description of recording a live session to spoof it perfectly aligns with the mechanics of a session replay attack.

Free CertNexus ITS-110 Actual Exam Questions