In order to minimize the risk of abusing access controls, which of the following is a good example of granular access control implementation?
An IoT security architect wants to implement Bluetooth between two nodes. The Elliptic Curve Diffie-Hellman (ECDH) cipher suite has been identified as a requirement. Which of the following Bluetooth versions can meet this requirement?
An IoT system administrator discovers that unauthorized users are able to log onto and access data on remote IoT monitoring devices. What should the system administrator do on the remote devices in order to address this issue?
An IoT systems integrator has a very old IoT gateway that doesn't offer many security features besides viewing a system configuration page via browser over HTTPS. The systems integrator can't get their modern browser to bring up the page due to a cipher suite mismatch. Which of the following must the integrator perform before the configuration page can be viewed?
A hacker is sniffing network traffic with plans to intercept user credentials and then use them to log into remote websites. Which of the following attacks could the hacker be attempting? (Choose two.)
In order to successfully perform a man-in-the-middle (MITM) attack against a secure website, which of the following could be true?
An IoT gateway will be brokering data on numerous northbound and southbound interfaces. A security practitioner has the data encrypted while stored on the gateway and encrypted while transmitted across the network. Should this person be concerned with privacy while the data is in use?
An IoT developer wants to ensure that data collected from a remotely deployed power station monitoring system is transferred securely to the cloud. Which of the following technologies should the developer consider?
A web administrator is concerned about injection attacks. Which of the following mitigation techniques should the web administrator implement?
A corporation's IoT security administrator has configured his IoT endpoints to send their data directly to a database using Secure Sockets Layer (SSL)/Transport Layer Security (TLS). Which entity provides the symmetric key used to secure the data in transit?
