ITS-110試験無料問題集（102題）「CertNexus Certified Internet of Things Security Practitioner 認定」

出題：1

A cloud developer for an IoT service is storing billing information. Which of the following should be considered a common vulnerability in regard to this data that could be used to compromise privacy?

A. Enabled notifications as required by law

B. Authorized access to personal information

C. Lack of data retention policies

D. Secured data in motion and at rest

正解：B 解答を投票する

出題：2

An IoT service collects massive amounts of data and the developer is encrypting the data, forcing administrative users to authenticate and be authorized. The data is being disposed of properly and on a timely basis. However, which of the following countermeasures is the developer most likely overlooking?

A. That data is only valuable as perceived by the beholder.

B. That data isn't valuable unless it's used as evidence for crime committed.

C. That private data can never be fully destroyed.

D. The best practice to only collect critical data and nothing more.

正解：D 解答を投票する

出題：3

Which of the following methods or technologies is most likely to be used to protect an IoT portal against protocol fuzzing?

A. Public Key Infrastructure (PKI)

B. Hash-based Message Authentication Code (HMAC)

C. Next-Generation Firewall (NGFW)

D. Secure Hypertext Transfer Protocol (HTTPS)

正解：C 解答を投票する

出題：4

An OT security practitioner wants to implement two-factor authentication (2FA). Which of the following is the least secure method to use for implementation?

A. 2FA over Short Message Service (SMS)

B. Fast Identity Online (FIDO) Universal 2nd Factor (U2F) USB key

C. Authenticator Apps for smartphones

D. Out-of-band authentication (OOBA)

正解：A 解答を投票する

出題：5

What is one popular network protocol that is usually enabled by default on home routers that creates a large attack surface?

A. Universal Plug and Play (UPnP)

B. Network Address Translation (NAT)

C. Open virtual private network (VPN)

D. Domain Name System Security Extensions (DNSSEC)

正解：A 解答を投票する

出題：6

Which of the following functions can be added to the authorization component of AAA to enable the principal of least privilege with flexibility?

A. Access control list (ACL)

B. Role-based access control (RBAC)

C. Discretionary access control (DAC)

D. Mandatory access control (MAC)

正解：B 解答を投票する

出題：7

An IoT security architect needs to minimize the security risk of a radio frequency (RF) mesh application. Which of the following might the architect consider as part of the design?

A. Make pairing between nodes very easy so that troubleshooting is reduced.

B. Prevent nodes from being rejected to keep the value of the network as high as possible.

C. Encrypt data transmission between nodes at the physical/logical layers.

D. Allow implicit trust of all gateways since they are the link to the internet.

正解：C 解答を投票する

出題：8

The network administrator for an organization has read several recent articles stating that replay attacks are on the rise. Which of the following secure protocols could the administrator implement to prevent replay attacks via remote workers' VPNs? (Choose three.)

A. Interior Gateway Routing Protocol (IGRP)

B. Simple Network Management Protocol (SNMP)

C. Enhanced Interior Gateway Routing Protocol (EIGRP)

D. Layer 2 Tunneling Protocol (L2TP)

E. Password Authentication Protocol (PAP)

F. Challenge Handshake Authentication Protocol (CHAP)

G. Internet Protocol Security (IPSec)

正解：D,F,G 解答を投票する

ITS-110試験無料問題集「CertNexus Certified Internet of Things Security Practitioner 認定」