CertNexus ITS-110 Dumps

Passwords should be stored…

Which of the following attacks utilizes Media Access Control (MAC) address spoofing?

In order to gain access to a user dashboard via an online portal, an end user must provide their username, a PIN, and a software token code. This process is known as:

A web application is connected to an IoT endpoint. A hacker wants to steal data from the connection between them. Which of the following is NOT a method of attack that could be used to facilitate stealing data?

An IoT system administrator discovers that unauthorized users are able to log onto and access data on remote IoT monitoring devices. What should the system administrator do on the remote devices in order to address this issue?

The network administrator for an organization has read several recent articles stating that replay attacks are on the rise. Which of the following secure protocols could the administrator implement to prevent replay attacks via remote workers’ VPNs? (Choose three.)

You work for a business-to-consumer (B2C) IoT device company. Your organization wishes to publish an annual report showing statistics related to the volume and variety of sensor data it collects. Which of the following should your organization do prior to using this information?

Which of the following encryption standards should an IoT developer select in order to implement an asymmetric key pair?

A user grants an IoT manufacturer consent to store personally identifiable information (PII). According to the General Data Protection Regulation (GDPR), when is an organization required to delete this data?

Which of the following attacks relies on the trust that a website has for a user's browser?

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

Network filters based on Ethernet burned-in-addresses are vulnerable to which of the following attacks?

An IoT system administrator discovers that end users are able to access administrative features on the company's IoT management portal. Which of the following actions should the administrator take to address this issue?

An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product. Since bugs could be found after deployment, which of the following should be part of the overall solution?

Which of the following methods or technologies is most likely to be used to protect an IoT portal against protocol fuzzing?

You work for a multi-national IoT device vendor. Your European customers are complaining about their inability to access the personal information about them that you have collected. Which of the following regulations is your organization at risk of violating?

A hacker enters credentials into a web login page and observes the server's responses. Which of the following attacks is the hacker attempting?

An IoT security administrator wishes to mitigate the risk of falling victim to Distributed Denial of Service (DDoS) attacks. Which of the following mitigation strategies should the security administrator implement? (Choose two.)

A security practitioner wants to encrypt a large datastore. Which of the following is the BEST choice to implement?

An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the following methods or technologies can the administrator implement in order to address this concern?

An IoT security administrator is concerned about an external attacker using the internal device management local area network (LAN) to compromise his IoT devices. Which of the following countermeasures should the security administrator implement? (Choose three.)

A hacker was able to generate a trusted certificate that spoofs an IoT-enabled security camera's management portal. Which of the following is the most likely cause of this exploit?

You made an online purchase of a smart watch from a software as a service (SaaS) vendor, and filled out an extensive profile that will help you track several fitness variables. The vendor will provide you with customized health insights based on your profile. With which of the following regulations should the company be compliant? (Choose three.)

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

A DevOps engineer wants to further secure the login mechanism to a website from IoT gateways. Which of the following is the BEST method the engineer should implement?

Recently, you purchased a smart watch from Company A. You receive a notification on your watch that you missed a call and have a new message. Upon checking the message, you hear the following:

“Hello, my name is Julie Simmons, and I'm with Company A. I want to thank you for your recent purchase and send you a small token of our appreciation. Please call me back at 888-555-1234. You will need to enter your credit card number, so we can authenticate you and ship your gift. Thanks for being a valued customer and enjoy your gift!"

Which of the following types of attacks could this be?

A network administrator is looking to implement best practices for the organization's password policy. Which of the following elements should the administrator include?

Which of the following functions can be added to the authorization component of AAA to enable the principal of least privilege with flexibility?

An IoT security practitioner should be aware of which common misconception regarding data in motion?

A hacker is attempting to exploit a known software flaw in an IoT portal in order to modify the site's administrative configuration. Which of the following BEST describes the type of attack the hacker is performing?