IoT Quiz

IOT QUIZ CHAPTER 3

1-Which two CPU types are based on the Reduced Instruction Set Computing
architecture? (Choose two.)
ARM, MIPS

2-What is the function of an eMMC flash chip in an IoT device?
It is an embedded chip that stores the firmware, operating system, and
software.

3-An administrator wants to implement an access control model that makes access
decisions based on the role and responsibilities of an individual within an
organization. Which access control model best addresses this requirement?
role-based

4-A security engineer is researching the secure deployments of critical IoT devices.
How does the principle of identity and access management (IAM) define security
with these types of devices?
limits those who can access what resources and the privileges they have once
they obtain access

5-Which two scripting languages are designed to be executed directly under an
operating system? (Choose two.)
shell script, PowerShell

6-What are constrained devices as they relate to the IoT?
They have very limited power, memory, and processing cycles.

7-Which type of technology is classified as embedded software that includes a
minimal operating system for controlling an IoT device?
Firmware

8-A user is concerned that an attacker may have gained remote access to an IoT
device and is executing malicious commands. Which type of vulnerability best
describes this situation?
backdoor installation

9-What is meant by the term big.LITTLE computing?
It is a CPU technology that uses different CPU cores to handle tasks based on
processing requirements.

10-What is the function of a data encryption algorithm?
provides data confidentiality by making data unreadable to unauthorized
individuals

11-Which type of access control model uses access control lists to allow users to
control access to their own data?
Discretionary

12-Which interface is used to troubleshoot embedded system software?
JTAG

13-Which two commercial IoT operating systems support processors from multiple
manufacturers? (Choose two.)
VxWorks, Windows 10 IoT Core

14-Which two programming languages are examples of compiled languages?
(Choose two.)
C, Java

15-Which two pieces of information are needed to search for an IoT device in the
FCC ID database? (Choose two.)
product code, grantee code

16-Which type of memory media would provide space to store collected data in an
IoT device?
SD card

17-What are two IoT wireless standards that IoT manufacturers can use over longer
distances while still supporting some level of security? (Choose two.)
LTE-M, LoRa

18-What is the result of an attacker rooting an IoT device?
An attacker that gains root access has complete control over that device.

19-Which type of vulnerability is present when a programmer does not account for
the size of the input that a user might enter?
buffer overflow

20-What are three potential vulnerabilities related to a hardware sensor? (Choose
three.)
damage, tampering, environment manipulation

21-Which type of attack takes advantage of vulnerabilities in servers to grant
unauthorized users higher than approved levels of access?
privilege escalation

22-What is a key difference between an embedded device and a prototyping device?
An embedded device is programmed for one specific purpose, whereas a
prototyping device is designed to perform different functions.

IOT QUIZ CHAPTER 1

In an IoT healthcare monitoring system design, what kind of components form a body sensor
network?

Sensors

Which cloud computing application feature provides users with rich visualization to
discover and communicate categorized and summarized health exercise data?
dashboard

In a typical smart home, which device provides network connections for smart IoT
devices?
home gateway

Which device is targeted most by Mirai?
cctv

What tool is used by nefarious individuals or groups to accelerate reconnaissance of
internet-connected devices?
shodan

A threat actor uses network scanning tools and penetration tools to discover the IP
address and manufacturer of a home wireless router. The threat actor then uses
internet searches to discover the default administrative access details. Successful
remote access of the home router allows the threat actor to use it as a vector to
attack other devices. Which element of smart home security is affected by this
attack?
authentication

Which technology type includes a company receiving an unusual amount of phishing
emails?
information technology

What is the default name of the file that records the configuration settings when the
PL-App image is transferred to the µSD card?
chexnut.txt

Which IoT technology type would include a compromised home temperature sensor
causing a home to be uncomfortably hot?
consumer technology

Which type of security vulnerability was targeted by the ransomware WannaCry and
WannaCrypt?
unpatched, older versions of Windows

A threat actor parks close to the home of a user and uses packet capture software to
intercept the home wireless traffic. The threat actor then analyzes the traffic of the
temperature sensor of the home to determine if someone is in the house now. Which
factor of the smart home security system is affected by this attack?
encryption

Which technology type describes an SQL injection that has compromised a
database?
information technology

Which statement describes the function of the Kali VM?
Kali is a popular Linux distribution VM that contains many tools used for assessing
network security

What is the best practice to mitigate risks in healthcare IoT?
Ensure that the IoT devices in use or to be purchased are secure and that device
security has been adequately configured.

In a smart home implementation, fog computing is a better option compared with
cloud computing to process status and configuration changes for IoT devices.
true

According to the National Initiative for Cybersecurity Education (NICE) Cybersecurity
Workforce Framework by NIST, which work category defines Vulnerability
Assessment and Management?
Protect and Defend

Shodan is used by researchers to mine information about what devices are
connected, where they are connected, and what services are exposed.
true

What should be updated regularly to protect against newly discovered
vulnerabilities?
device firmware

Which storage medium is used to hold the PL-App image on a Raspberry Pi?
µSD card

Which statement describes a risk to a patient due to security vulnerabilities of
healthcare devices?
Vital therapies can be manipulated or interrupted.

According to the National Initiative for Cybersecurity Education (NICE) Cybersecurity
Workforce Framework by NIST, which work category defines risk management?
Securely Provision

In August of 2017, the FDA approved an update that fixed a security flaw in the
software that monitored a cardiac pacemaker. What is the wireless technology that
was used for monitoring the pacemaker?
radio frequency

IOT QUIZ CHAPTER 2

After threats are rated, what is the next step recommended by the Threat Model
Analysis for an IoT system?
Recommend mitigation.

Which statement describes IFTTT (If This Then That)?
It is a simple web service that allows the connection of an event to an action.

Which level of the IoT reference model converts data into information that is suitable
for storage and higher level processing?
fog computing

In the context of IoT in the manufacturing industry, which model segments devices
and equipment into hierarchical functions?
Purdue Model for Control Hierarchy

Match the term to the description.

threats → potential dangers to any asset such as data or components of the IoT
system

threat actors → people or entities who exploit vulnerabilities

vulnerabilities → weaknesses in the IoT system that could be exploited by a threat

attack surfaces → different points where attackers could get into a system and
where they could get data out of the system

Which task in the step of decomposing the IoT system gathers information where
secure resources are stored and manipulated to see who has elevated rights?
Identify sensitive data.

What is the primary focus of data management in the IoT realm?
when and where data is processed

Which task in the step of decomposing the IoT system can gather information about
where data is input into the IoT system?
Identify entry points.

What is the function of the network access layer in the TCP/IP model?
controls hardware devices and media

What is the function of the DREAD tool?
It is used to rate threats

Match the category to the security objective of the Threat Model Analysis of an IoT
System.

financial → Document the financial risks of the various aspects of the IoT system so
that management can determine which level of risk is acceptable.

reputation → Document any possible impact on the reputation of the organization if
the IoT system is attacked.

privacy and regulation → Document the impact of privacy concerns as well as
regulation requirements.

availability guarantees → Document the expected availability and guaranteed uptime
of the IoT system.

identity → Document the controls that are in place to ensure that evidence is
collected on the identity of users accessing and using the IoT system.

What is the function of the STRIDE tool?
It is used to identify threats.

At which functional layer of the IoT simplified model would an aircraft turbine RPM
sensor exist?
device

In the IoT reference model, at which layer or layers of the model is security
implemented?
all levels of the IoT reference model

What are two benefits of using a layered model to explain protocols and operations?
(Choose two.)
They prevent technology or capability changes in one layer from affecting other
layers above and below.

They assist in protocol design because protocols operating at a specific layer have
defined information that they act upon and a defined interface to the layers above
and below.

Which domain of the ETSI model includes management functions such as data
analytics and connectivity management?
application

Which document created in the Threat Model Analysis process will describe the IoT
system architecture?
the components of the IoT system at each layer

Which three types of documents should be included when documenting the IoT
system architecture using the Threat Model Analysis for an IoT System? (Choose
three.)
components of the IoT system at each layer

the flow of data between components and between layers

the technologies, protocols, and standards used to implement the IoT system

Which domain of the ETSI model includes sensors and gateways connecting to the
network through Bluetooth?
M2M

Which function is provided by the data abstraction level of the IoT reference model?
to render data and data storage in ways that enable application development

Which task in the step of decomposing the IoT system gathers information about
approaches to input validation, authentication, authorization, configuration, and any
other areas of the IoT system that are vulnerable?
Document the security profile.

What is a function that is provided by the network layer of the OSI model?
directing data packets to destination hosts on other networks

What are the three broad requirements specified by the CIA security triad?
Data must be protected from unauthorized access.

Data must always be accessible by the people who need to use it when they need to
use it.

Data must be protected from theft and unauthorized alteration or destruction.

Which layer of the OSI model contains protocols used for process-to-process
communications?
application

IOT QUIZ CHAPTER 4


Which two OWASP communication layer vulnerabilities should be researched when
securing the IoT device network services attack surface? (Choose two.)
information disclosure, vulnerable UDP services

Which basic security service protects against alteration of data while it is in transit?
message integrity

Which attack commonly includes the use of botnet and handler systems?
DDoS attack

Which devices scan and infect more targets during the process of a DDoS attack?
Zombies

Which two techniques are used to carry out DoS attacks? (Choose two.)

sending an overwhelming amount of traffic, using maliciously formatted packets

Which attack involves threat actors positioning themselves between a source and
destination with the intent of transparently monitoring, capturing, and controlling the
communication?
man-in-the-middle attack

A home owner recently installed an IoT smart plug that was designed to be
controlled over the internet. After a couple of days the home owner notices a new
wireless name of Outlet4375 appears when they attempt to connect a smartphone to
the house wireless network. Which statement identifies the situation that is
occurring?

The smart plug was never connected to the home Wi-Fi and is awaiting a connection
on the Outlet4375 wireless network.

Which three IoT wireless mesh protocols are built on top of 802.15.4? (Choose
three.)

ZigBee, 6LoWPAN, Thread

Which customized IEEE 802.15.4 wireless topology can contain a large amount of
full function devices and a small amount of reduced function devices?
cluster-tree

In which type of scenario would an IoT gateway not be required to convert traffic to
Wi-Fi or wired ethernet?

when smart objects forward data using TCP/IP protocols

Which two techniques are used in a smurf attack? (Choose two.)

reflection, amplification

Which two types of attacks are typically carried out by using ICMP messages?
(Choose two.)
DoS, Reconnaissance

Which IoT wireless option is commonly used by devices that require a low power
wide-area network connection and do not use a fixed power supply?
LoRaWAN

Which two application layer protocols use UDP? (Choose two.)

DHCP, TFTP

What are two of the most common wireless technologies used in home automation
and home security applications? (Choose two.)

Bluetooth, Wi-Fi

Which type of IoT wireless deployment would allow smart objects to be deployed
over a very large area?

Mesh Topology

A threat actor uses non-blind spoofing to launch an attack. What are two objectives
for the attack? (Choose two.)

determining the state of a firewall, predicting TCP sequence-numbers

A threat actor uses a program to launch an attack by sending a flood of UDP packets
to a server on the network. The program sweeps through all of the known ports
trying to find closed ports. It causes the server to reply with an ICMP port
unreachable message and is similar to a DoS attack. Which two programs could be
used by the threat actor to launch the attack? (Choose two.)

UDP Unicorn, Low Orbit Ion Cannon

Why would an engineer only use very short-range radios to allow sensor data to
travel from node to node until the data reaches the IoT gateway?

Power Constraints

When does the level of trust and reliability of data change during communication
between IoT systems?

when data is generated by a device inside a trusted network and travels to an
untrusted network

After host A receives a web page from server B, host A terminates the connection
with server B.

Match each option to its correct step in the normal termination process for a TCP
connection.

Server B sends a FIN to host A. → Step 3

Host A sends a FIN to server B. → Step 1

Server B sends an ACK to host A. → Step 2

Host A sends an ACK to server B. → Step 4


Which OWASP communication layer vulnerability should be researched when
securing the IoT network traffic attack surface?

protocol fuzzing

Which type of IoT wireless network would interconnect audio devices and smart
watches to a cell phone that serves as an IoT gateway?

wireless personal-area network

Which network environment is suitable for a Media Access Control (MAC) address
spoofing attack?

inside an internal network

Which parameter is used to identify applications when a user sends a service
request to a remote server?

destination port number

IOT QUIZ CHAPTER 5

True or False? On some home routers, to compromise the security on the router, a
Flash applet can be used to change the DNS server settings with an UPnP request.
true

What is a characteristic of the message queueing telemetry transport (MQTT)
publish-subscribe model?
It allows for a retained messages option that can be used to provide status updates.

What are two of the most widely exposed vulnerabilities currently listed by the Open
Web Applications Security Project (OWASP)? (Choose two.)
username enumeration, account lockout

For which type of devices is the use of DDS (data distribution service) in M2M
connections well suited?
for devices that measure real-time data in microseconds that need to be filtered and
delivered efficiently

Which password is the most hardened password for use on an IoT device?
Hnmmmkoty#4

Which popular exploit used by threat actors fills the communications channel so that
the targeted device responds to requests late or not at all?
DoS

What is a commonly exposed mobile application vulnerability?
insecure data storage

What is a characteristic of the constrained application protocol (CoAP)?
It allows for efficient sensor and node communication without requiring a centralized
control mechanism.

How does UPnP assist a user to easily set up network-enabled devices?
It automatically configures communication between UPnP-enabled devices.

A threat actor has hijacked a session to assume the identity of a valid user. Which
web front-end vulnerability is the threat actor exploiting?
broken authentication

What is a characteristic of Extensible Messaging and Presence Protocol (XMPP)?
It uses an addressing scheme (name@domain.com) which helps simplify
connections.

What is one of the most widely exposed vulnerabilities listed by the Open Web
Applications Security Project (OWASP)?
single-factor authentication

A threat actor has injected JavaScript code into the output of a web application and
is manipulating client-side scripts to run as desired in the browser. Which web
front-end vulnerability is the threat actor exploiting?
cross-site scripting

A threat actor has placed a rogue device on the network to manipulate the chosen
destination of all packets. Which remote exploit was used by the threat actor?
routing attack

What is a characteristic of the Constrained Application Protocol (CoAP)?
It is a document transfer protocol.

What is a characteristic of the message queueing telemetry transport (MQTT)
protocol?
The MQTT protocol requires a message broker.

A client wants to deploy MQTT on a large enterprise network and is worried about
the security of MQTT. The client wants all messages encrypted, including all
messages between the broker and clients. What could the client do to achieve this
goal?
Apply payload encryption.

What is the safest way to prevent an XXE attack?
Disable XML external entity and DTD processing in the application.

Which attack involves a compromise of data that occurs between two end points?
man-in-the-middle attack

Which popular exploit used by threat actors intercepts a system update and injects
an update of their own?
firmware replacement

IoT Security 1.1 Chapter 6 Quiz


Which statement describes the Common Vulnerability Scoring System (CVSS)?
It is a risk assessment system.

When using a third party assessor to perform a grey box vulnerability assessment for
an organization, what type of information is commonly provided to the assessor?
specific knowledge of current vulnerabilities

What is a disruptive technology?
a technology that can displace competitors because it uses a very different approach

Match the CVSS metric group with the correct description.

Temporal metric group → measures the characteristics of a vulnerability that may
change over time, but not across user environments

Base metric group → represents the characteristics of a vulnerability that are
constant over time and across contexts

Environmental metric group → measures the aspects of a vulnerability that are
rooted in the environment of a specific organization

What is the purpose of performing a vulnerability assessment?
Identify vulnerabilities that are likely to be exploited by threat actors.

What is proof of work as it relates to blockchain?
It is an algorithm used for transaction validation.

Which three steps of the defense-centric threat modeling process are concerned with
understanding the IoT system? (Choose three.)
Identify security objectives., Decompose the IoT system., Document the IoT system
architecture.

What is used as the mathematical scheme for authenticating digital information in a
blockchain?
digital signature

How should trust boundaries be established in an IoT system?
between two entities where the level of trust at either end of a flow is different

What describes a block as it is used in blockchain technology?
a list of transactions linked together with other lists of transactions

Which type of password attack is inefficient because it attempts to use every
possible combination of letters, numbers, and symbols to access a system?
brute force

What is the name of the first block that is created in a blockchain?
genesis block

What is a characteristic of a blockchain?
It is immutable

Which blockchain feature is used to track the transaction process?
decentralized ledger

Which type of global network topology is used by blockchain technology?
peer-to-peer

In the video Blockchain: The Next Frontier of IoT, what fundamental question does
the Trusted IoT Alliance try to answer?
How do you drive the integrity around the data, the management, and the operations
of IoT devices and networks?

Which type of security tool is used to discover hosts on the network, locate open
ports, and identify the operating system running on a host?
port mapping tools

What is a way that blockchain can help in the field of IoT?
It can track sensor data measurements and prevent malicious data.

Which statement describes the purpose of a data flow diagram (DFD) of an IoT
system?
A DFD depicts the pathways that data will take between different functional
components of the system.

Which problem associated with transactions is solved by blockchain technology?
trust

What describes proof of work as it is used in a blockchain technology?
a process to validate transactions between blocks

Which password attack method uses a list that contains hashed values and clear text
equivalents in order to speed up the process of gaining entry to a system?
rainbow tables

When hiring a third party team to perform a black box vulnerability assessment for an
organization, how much information is commonly provided to the team?
no knowledge of current network architecture
