Certified IoT Security Practitioner ITS-110 Release Date

Page: 5 / 7

Question 20

An IoT manufacturer needs to ensure that firmware flaws can be addressed even after their devices have been deployed. Which of the following methods should the manufacturer use to meet this requirement?

Options:

Ensure that the bootloader can be accessed remotely using Secure Shell (SSH)

Ensure that a writable copy of the device's configuration is stored in flash memory

Ensure that device can accept Over-the-Air (OTA) firmware updates

Ensure that ail firmware is signed using digital certificates prior to deployment

Question 21

An IoT developer discovers that clients frequently fall victim to phishing attacks. What should the developer do in order to ensure that customer accounts cannot be accessed even if the customer's password has been compromised?

Options:

Implement two-factor authentication (2FA)

Enable Kerberos authentication

Implement account lockout policies

Implement Secure Lightweight Directory Access Protocol (LDAPS)

Question 22

A developer needs to apply a family of protocols to mediate network access. Authentication and Authorization has been implemented properly. Which of the following is the missing component?

Options:

Management

Accounting

Auditing

Inventory

Question 23

In order to gain access to a user dashboard via an online portal, an end user must provide their username, a PIN, and a software token code. This process is known as: