一番最新のCertNexus ITS-110試験問題集PDFには2023年更新 [Q36-Q52]

Share

一番最新のCertNexus ITS-110試験問題集PDFには2023年更新

100%無料Certified IoT Security Practitioner ITS-110問題集PDFお試しサンプル認定ガイドがカバーされます


試験は85の複数選択の質問で構成されており、2時間以内に完了する必要があります。試験に合格するには、候補者は70%以上を獲得する必要があります。試験は英語で利用でき、オンラインまたは物理的なテストセンターで撮影できます。

 

質問 # 36
If an attacker were able to gain access to a user's machine on your network, which of the following actions would she most likely take next?

  • A. Perform port scanning
  • B. Start log scrubbing
  • C. Escalate privileges
  • D. Initiate reconnaissance

正解:D


質問 # 37
A site administrator is not enforcing strong passwords or password complexity. To which of the following types of attacks is this system probably MOST vulnerable?

  • A. Key logger attack
  • B. Phishing attack
  • C. Dictionary attack
  • D. Collision attack

正解:C


質問 # 38
A DevOps engineer wants to further secure the login mechanism to a website from IoT gateways. Which of the following is the BEST method the engineer should implement?

  • A. Require two-factor or multifactor authentication
  • B. Require that passwords cannot include special characters
  • C. Require that passwords contain alphanumeric characters
  • D. Require that passwords be changed periodically

正解:A


質問 # 39
An IoT security administrator realizes that when he attempts to visit the administrative website for his devices, he is sent to a fake website. To which of the following attacks has he likely fallen victim?

  • A. Buffer overflow
  • B. Birthday attack
  • C. Denial of Service (DoS)
  • D. Domain name system (DNS) poisoning

正解:D


質問 # 40
An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A security practitioner has the data encrypted while stored on the gateway and encrypted while transmitted across the network. Should this person be concerned with privacy while the data is in use?

  • A. Yes, because the hash wouldn't protect the integrity of the data.
  • B. Yes, because the data is vulnerable during processing.
  • C. No, because the data is inside the CPU's secure region while being used.
  • D. No, since the data is already encrypted while at rest and while in motion.

正解:B


質問 # 41
An embedded developer is about to release an IoT gateway. Which of the following precautions must be taken to minimize attacks due to physical access?

  • A. Remove all unneeded physical ports
  • B. Install a firewall on network ports
  • C. Allow access only to the software
  • D. Allow easy access to components

正解:A


質問 # 42
Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

  • A. Backdoor
  • B. Debugger
  • C. Stack pointer
  • D. Disassembler

正解:A


質問 # 43
Which of the following methods or technologies is most likely to be used to protect an IoT portal against protocol fuzzing?

  • A. Next-Generation Firewall (NGFW)
  • B. Secure Hypertext Transfer Protocol (HTTPS)
  • C. Public Key Infrastructure (PKI)
  • D. Hash-based Message Authentication Code (HMAC)

正解:A


質問 # 44
Which of the following methods is an IoT portal administrator most likely to use in order to mitigate Distributed Denial of Service (DDoS) attacks?

  • A. Require Internet Protocol Security (IPSec) for all inbound portal connections
  • B. Disable Network Address Translation Traversal (NAT-T) at the border firewall
  • C. Implement traffic scrubbers on the upstream Internet Service Provider (ISP) connection
  • D. Implement Domain Name System Security Extensions (DNSSEC) on all Internet-facing name servers

正解:C


質問 # 45
An IoT manufacturer needs to ensure that firmware flaws can be addressed even after their devices have been deployed. Which of the following methods should the manufacturer use to meet this requirement?

  • A. Ensure that ail firmware is signed using digital certificates prior to deployment
  • B. Ensure that device can accept Over-the-Air (OTA) firmware updates
  • C. Ensure that the bootloader can be accessed remotely using Secure Shell (SSH)
  • D. Ensure that a writable copy of the device's configuration is stored in flash memory

正解:B


質問 # 46
Which of the following methods or technologies is most likely to be used in order to mitigate brute force attacks?

  • A. Account lockout policy
  • B. Automated security logging
  • C. Role-based access control
  • D. Secure password recovery

正解:A


質問 # 47
It is a new employee's first day on the job. When trying to access secured systems, he incorrectly enters his credentials multiple times. Which resulting action should take place?

  • A. He notifies Human Resources.
  • B. He receives a new password.
  • C. His account is deleted.
  • D. His account is locked.

正解:D


質問 # 48
A web application is connected to an IoT endpoint. A hacker wants to steal data from the connection between them. Which of the following is NOT a method of attack that could be used to facilitate stealing data?

  • A. Cross-Site Scripting (XSS)
  • B. LDAP Injection
  • C. SQL Injection (SQLi)
  • D. Cross-Site Request Forgery (CSRF)

正解:B


質問 # 49
An IoT security architect needs to secure data in motion. Which of the following is a common vulnerability used to exploit unsecure data in motion?

  • A. Lack of memory space isolation
  • B. Misconfigured Secure Sockets Layer (SSL)/Transport Layer Security (TLS)
  • C. Databases and datastores
  • D. External flash access

正解:B


質問 # 50
A developer needs to apply a family of protocols to mediate network access. Authentication and Authorization has been implemented properly. Which of the following is the missing component?

  • A. Accounting
  • B. Inventory
  • C. Management
  • D. Auditing

正解:D


質問 # 51
Recently, you purchased a smart watch from Company A. You receive a notification on your watch that you missed a call and have a new message. Upon checking the message, you hear the following:
"Hello, my name is Julie Simmons, and I'm with Company A. I want to thank you for your recent purchase and send you a small token of our appreciation. Please call me back at 888-555-1234. You will need to enter your credit card number, so we can authenticate you and ship your gift. Thanks for being a valued customer and enjoy your gift!" Which of the following types of attacks could this be?

  • A. Spear phishing
  • B. Vishing
  • C. Whaling
  • D. Phishing

正解:A


質問 # 52
......


CertNexus ITS-10(認定されたモノのインターネットセキュリティプラクティショナー)認定試験は、モノのインターネット(IoT)デバイスとネットワークの保護に焦点を当てた専門的な認定です。この認定は、IoTセキュリティでのキャリアを追求することに関心のある専門家や、IoTセキュリティでのスキルを向上させたい人向けに設計されています。認定試験では、IoTデバイス、ネットワーク、およびアプリケーションを保護する候補者の知識とスキルを評価します。


ITS-110の認定試験は業界のリーダーや雇用主から認知されており、キャリアアップを目指す個人にとって価値ある資格となっています。この認定は、候補者がIoTデバイスやネットワークを確保するために必要な知識とスキルを持っていることを雇用主に示し、競争が激しい就職市場で専門家を目立たせることができます。

 

更新されたのはCertNexus ITS-110問題集PDFオンラインエンジン:https://jp.fast2test.com/ITS-110-premium-file.html

PDF試験材料は2023年最新の実際に出るITS-110問題集:https://drive.google.com/open?id=17QCOtClkoUCOh0xXlHXlB5HfQgGbj-g1


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어