Question 1

An IoT developer wants to ensure that data collected from a remotely deployed power station monitoring system is transferred securely to the cloud. Which of the following technologies should the developer consider?

Options :

A : Secure/Multipurpose Internet Mail Extensions (S/MIME)

B : Message-digest 5 (MD5)

C : Blowfish

D : Transport Layer Security (TLS)

Answer: D

Question 2

A hacker is able to access privileged information via an IoT portal by modifying a SQL parameter in a URL. Which of the following BEST describes the vulnerability that allows this type of attack?

Options :

A : Unvalidated redirect or forwarding

B : Insecure HTTP session management

C : Unsecure direct object references

D : Unhandled malformed URLs

Answer: C

Question 3

Which of the following techniques protects the confidentiality of the information stored in databases?

Options :

A : Hashing

B : Archiving

C : Monitoring

D : Encryption

Answer: D

Question 4

An IoT device has many sensors on it and that sensor data is sent to the cloud. An IoT security practitioner should be sure to do which of the following in regard to that sensor data?

Options :

A : Collect as much data as possible so as to maximize potential value of the new IoT use-case.

B : Collect only the minimum amount of data required to perform all the business functions.

C : The amount or type of data collected isn't important if you have a properly secured IoT device.

D : The amount or type of data collected isn't important if you implement proper authorization controls.

Answer: B

Question 5

An IoT systems administrator wants to ensure that all data stored on remote IoT gateways is unreadable. Which of the following technologies is the administrator most likely to implement?

Options :

A : Secure Hypertext Transmission Protocol (HTTPS)

B : Internet Protocol Security (IPSec)

C : Triple Data Encryption Standard (3DES)

D : Message Digest 5 (MD5)

Answer: B