Legit ITS-110 Exam Download

Page: 3 / 7

Question 12

An IoT security administrator is concerned about an external attacker using the internal device management local area network (LAN) to compromise his IoT devices. Which of the following countermeasures should the security administrator implement? (Choose three.)

Options:

Require the use of Password Authentication Protocol (PAP)

Create a separate management virtual LAN (VLAN)

Ensure that all IoT management servers are running antivirus software

Implement 802.1X for authentication

Ensure that the Time To Live (TTL) flag for outgoing packets is set to 1

Only allow outbound traffic from the management LAN

Ensure that all administrators access the management server at specific times

Question 13

A hacker enters credentials into a web login page and observes the server's responses. Which of the following attacks is the hacker attempting?

Options:

Account enumeration

Directory traversal

Buffer overflow

Spear phishing

Question 14

Which of the following methods is an IoT portal administrator most likely to use in order to mitigate Distributed Denial of Service (DDoS) attacks?

Options:

Implement Domain Name System Security Extensions (DNSSEC) on all Internet-facing name servers

Disable Network Address Translation Traversal (NAT-T) at the border firewall

Implement traffic scrubbers on the upstream Internet Service Provider (ISP) connection

Require Internet Protocol Security (IPSec) for all inbound portal connections

Question 15

A cloud developer for an IoT service is storing billing information. Which of the following should be considered a common vulnerability in regard to this data that could be used to compromise privacy?