Certified IoT Security Practitioner ITS-110 Exam Questions and Answers PDF

Page: 2 / 7

Question 8

An IoT system administrator discovers that end users are able to access administrative features on the company's IoT management portal. Which of the following actions should the administrator take to address this issue?

Options:

Implement password complexity policies

Implement granular role-based access

Implement account lockout policies

Implement digitally signed firmware updates

Question 9

An embedded developer is about to release an IoT gateway. Which of the following precautions must be taken to minimize attacks due to physical access?

Options:

Allow access only to the software

Remove all unneeded physical ports

Install a firewall on network ports

Allow easy access to components

Question 10

A user grants an IoT manufacturer consent to store personally identifiable information (PII). According to the General Data Protection Regulation (GDPR), when is an organization required to delete this data?

Options:

Within ninety days after collection, unless required for a legal proceeding

Within thirty days of a user's written request

Within seven days of being transferred to secure, long-term storage

Within sixty days after collection, unless encrypted

Question 11

A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?