Maximum Grades By Making ready With ITS-110 Dumps UPDATED 2024 [Q44-Q68]

Prepare ITS-110 Exam Questions [2024] Recently Updated Questions

NEW QUESTION # 44
Which of the following is one way to implement countermeasures on an IoT gateway to ensure physical security?

  • A. Implement features in software instead of hardware
  • B. Add tamper detection to the enclosure
  • C. Limit physical access to ports when possible
  • D. Allow quick administrator access for mitigation

Answer: C


NEW QUESTION # 45
If an attacker were able to gain access to a user's machine on your network, which of the following actions would she most likely take next?

  • A. Start log scrubbing
  • B. Perform port scanning
  • C. Escalate privileges
  • D. Initiate reconnaissance

Answer: B


NEW QUESTION # 46
The network administrator for an organization has read several recent articles stating that replay attacks are on the rise. Which of the following secure protocols could the administrator implement to prevent replay attacks via remote workers' VPNs? (Choose three.)

  • A. Simple Network Management Protocol (SNMP)
  • B. Layer 2 Tunneling Protocol (L2TP)
  • C. Internet Protocol Security (IPSec)
  • D. Password Authentication Protocol (PAP)
  • E. Challenge Handshake Authentication Protocol (CHAP)
  • F. Interior Gateway Routing Protocol (IGRP)
  • G. Enhanced Interior Gateway Routing Protocol (EIGRP)

Answer: B,C,E


NEW QUESTION # 47
You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

  • A. Gramm-Leach-Bliley Act (GLBA)
  • B. Family Educational Rights and Privacy Act (FERPA)
  • C. Payment Card Industry Data Security Standard (PCI-DSS)
  • D. Sarbanes-Oxley (SOX)
  • E. Health Insurance Portability and Accountability Act (HIPAA)
  • F. Federal Energy Regulatory Commission (FERC)
  • G. Federal Information Security Management Act (FISMA)

Answer: B,C,E


NEW QUESTION # 48
A manufacturer wants to ensure that user account information is isolated from physical attacks by storing credentials off-device. Which of the following methods or technologies best satisfies this requirement?

  • A. Border Gateway Protocol (BGP)
  • B. Remote Authentication Dial-In User Service (RADIUS)
  • C. Password Authentication Protocol (PAP)
  • D. Role-Based Access Control (RBAC)

Answer: B


NEW QUESTION # 49
An IoT developer wants to ensure all sensor-to-portal communications are as secure as possible and do not require any client-side configuration. Which of the following is the developer most likely to use?

  • A. IP Security (IPSec)
  • B. Secure/Multipurpose Internet Mail Extensions (S/MIME)
  • C. Virtual Private Networking (VPN)
  • D. Public Key Infrastructure (PKI)

Answer: A


NEW QUESTION # 50
A compromised IoT device is initiating random connections to an attacker's server in order to exfiltrate sensitive data. Which type of attack is being used?

  • A. Man-in-the-middle (MITM)
  • B. Honeypot
  • C. Reverse shell
  • D. SSL session hijack

Answer: C


NEW QUESTION # 51
A company collects and stores sensitive data from thousands of IoT devices. The company's IoT security administrator is concerned about attacks that compromise confidentiality. Which of the following attacks is the security administrator concerned about? (Choose two.)

  • A. Aggregation
  • B. Inference
  • C. Denial of Service (DoS)
  • D. Salami
  • E. Data diddling

Answer: A,B


NEW QUESTION # 52
An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the following methods or technologies can the administrator implement in order to address this concern?

  • A. Require frequent password changes
  • B. Enable account database encryption
  • C. Require complex passwords
  • D. Enable account lockout

Answer: B


NEW QUESTION # 53
A security practitioner wants to encrypt a large datastore. Which of the following is the BEST choice to implement?

  • A. Diffie-Hellman (DH) algorithm
  • B. Symmetric encryption standards
  • C. Asymmetric encryption standards
  • D. Elliptic curve cryptography (ECC)

Answer: B


NEW QUESTION # 54
Which of the following methods or technologies is most likely to be used in order to mitigate brute force attacks?

  • A. Account lockout policy
  • B. Secure password recovery
  • C. Role-based access control
  • D. Automated security logging

Answer: A


NEW QUESTION # 55
Web forms that contain unvalidated fields are vulnerable to which of the following attacks? (Choose two.)

  • A. Smurf
  • B. Man-in-the-middle (MITM)
  • C. Cross-Site Scripting (XSS)
  • D. SQL Injection (SQLi)
  • E. Ping of death

Answer: C,D


NEW QUESTION # 56
Which of the following technologies allows for encryption of networking communications without requiring any configuration on IoT endpoints?

  • A. Internet Protocol Security (IPSec)
  • B. Transport Layer Security (TLS)
  • C. Virtual private network (VPN)
  • D. Elliptic curve cryptography (ECC)

Answer: C


NEW QUESTION # 57
An IoT system administrator discovers that unauthorized users are able to log onto and access data on remote IoT monitoring devices. What should the system administrator do on the remote devices in order to address this issue?

  • A. Change default passwords
  • B. Ensure all firmware updates have been applied
  • C. Implement URL filtering
  • D. Encrypt all locally stored data

Answer: A


NEW QUESTION # 58
An IoT system administrator discovers that end users are able to access administrative features on the company's IoT management portal. Which of the following actions should the administrator take to address this issue?

  • A. Implement granular role-based access
  • B. Implement account lockout policies
  • C. Implement password complexity policies
  • D. Implement digitally signed firmware updates

Answer: A


NEW QUESTION # 59
Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

  • A. Disassembler
  • B. Debugger
  • C. Backdoor
  • D. Stack pointer

Answer: C


NEW QUESTION # 60
An IoT developer wants to ensure that their cloud management portal is protected against compromised end-user credentials. Which of the following technologies should the developer implement?

  • A. An authentication policy which requires two random tokens generated by a hardware device.
  • B. An authentication policy that requires a password at initial logon, and a second password in order to access advanced features.
  • C. An authentication policy which requires user passwords to include twelve characters, including uppercase, lowercase, and special characters.
  • D. An authentication policy that requires a user to provide a strong password and on-demand token delivered via SMS.

Answer: D


NEW QUESTION # 61
A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?

  • A. X.509 private keys are stored in unsecure flash memory
  • B. The portal's certificate is stored in unsecure flash memory
  • C. Bootloader code is stored in unsecure flash memory
  • D. Firmware is loaded from flash using unsecure object references

Answer: A


NEW QUESTION # 62
A web administrator is concerned about injection attacks. Which of the following mitigation techniques should the web administrator implement?

  • A. Require strong passwords
  • B. Parameter validation
  • C. Require two-factor authentication (2FA)
  • D. Configure single sign-on (SSO)

Answer: B


NEW QUESTION # 63
An IoT security administrator is determining which cryptographic algorithm she should use to sign her server's digital certificates. Which of the following algorithms should she choose?

  • A. Rivest Cipher 6 (RC6)
  • B. Rijndael
  • C. Diffie-Hellman (DH)
  • D. Rivest-Shamir-Adleman (RSA)

Answer: D


NEW QUESTION # 64
An embedded developer is about to release an IoT gateway. Which of the following precautions must be taken to minimize attacks due to physical access?

  • A. Install a firewall on network ports
  • B. Remove all unneeded physical ports
  • C. Allow access only to the software
  • D. Allow easy access to components

Answer: B


NEW QUESTION # 65
A hacker is able to eavesdrop on administrative sessions to remote IoT sensors. Which of the following has most likely been misconfigured or disabled?

  • A. Virtual private network (VPN)
  • B. Telnet
  • C. Secure Shell (SSH)
  • D. Internet Protocol Security (IPSec)

Answer: D


NEW QUESTION # 66
An IoT security architect needs to minimize the security risk of a radio frequency (RF) mesh application. Which of the following might the architect consider as part of the design?

  • A. Prevent nodes from being rejected to keep the value of the network as high as possible.
  • B. Make pairing between nodes very easy so that troubleshooting is reduced.
  • C. Encrypt data transmission between nodes at the physical/logical layers.
  • D. Allow implicit trust of all gateways since they are the link to the internet.

Answer: C


NEW QUESTION # 67
Which of the following attacks relies on the trust that a website has for a user's browser?

  • A. Cross-Site Request Forgery (CSRF)
  • B. Phishing
  • C. Cross-Site Scripting (XSS)
  • D. SQL Injection (SQLi)

Answer: A


NEW QUESTION # 68
......
