Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free CertNexus ITS-110 Practice Exam with Questions & Answers | Set: 2

Questions 11

An IoT software developer wants the users of her software tools to know if they have been modified by someone other than her. Which of the following tools or techniques should she use?

Options:
A.

Encryption

B.

Obfuscation

C.

Hashing

D.

Fuzzing

CertNexus ITS-110 Premium Access
Questions 12

You work for a business-to-consumer (B2C) IoT device company. Your organization wishes to publish an annual report showing statistics related to the volume and variety of sensor data it collects. Which of the following should your organization do prior to using this information?

Options:
A.

Confirm the devices they've sold are turned on

B.

Ensure all sensors are running the latest software

C.

Require customers to sign a subscription license

D.

Remove any customer-specific data

Questions 13

A software developer for an IoT device company is creating software to enhance the capabilities of his company's security cameras. He wants the end users to be confidentthat the software they are downloading from his company's support site is legitimate. Which of the following tools or techniques should he utilize?

Options:
A.

Data validation

B.

Interrupt analyzer

C.

Digital certificate

D.

Pseudocode

Questions 14

A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?

Options:
A.

Secure Shell (SSH)

B.

Internet Protocol Security (IPSec)

C.

Telnet

D.

Virtual private network (VPN)

Questions 15

A web application is connected to an IoT endpoint. A hacker wants to steal data from the connection between them. Which of the following is NOT a method of attack that could be used to facilitate stealing data?

Options:
A.

Cross-Site Request Forgery (CSRF)

B.

SQL Injection (SQLi)

C.

Cross-Site Scripting (XSS)

D.

LDAP Injection

Questions 16

An IoT developer needs to ensure that user passwords for a smartphone app are stored securely. Which of the following methods should the developer use to meet this requirement?

Options:
A.

Encrypt all stored passwords using 256-bit Advanced Encryption Standard (AES-256)

B.

Encrypt all stored passwords using 128-bit Twofish

C.

Hash all passwords using Message Digest 5 (MD5)

D.

Store all passwords in read-only memory

Questions 17

An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product. Since bugs could be found after deployment, which of the following should be part of the overall solution?

Options:
A.

A money back guarantee, no questions asked

B.

Over-the-Air (OTA) software updates

C.

A lifetime transferable warranty

D.

Free firmware updates if the product is sent back to the manufacturer

Questions 18

An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?

Options:
A.

Secure Hypertext Transmission Protocol (HTTPS)

B.

Internet Protocol Security (IPSec)

C.

Triple Data Encryption Standard (3DES)

D.

Message Digest 5 (MD5)

Questions 19

An IoT systems administrator needs to be able to detect packet injection attacks. Which of the follow methods or technologies is the administrator most likely to implement?

Options:
A.

Internet Protocol Security (IPSec) with Encapsulating Security Payload (ESP)

B.

Point-to-Point Tunneling Protocol (PPTP)

C.

Layer 2 Tunneling Protocol (L2TP)

D.

Internet Protocol Security (IPSec) with Authentication Headers (AH)

Questions 20

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

Options:
A.

Gramm-Leach-Bliley Act (GLBA)

B.

Payment Card Industry Data Security Standard (PCI-DSS)

C.

Federal Information Security Management Act (FISMA)

D.

Sarbanes-Oxley (SOX)

E.

Health Insurance Portability and Accountability Act (HIPAA)

F.

Family Educational Rights and Privacy Act (FERPA)

G.

Federal Energy Regulatory Commission (FERC)