-
web.groovymark@gmail.com
- November 30, 2024
Question 21
Which component in the Lambda architecture acts as the streaming layer?
a) Real-time engine
b) Batch engine
c) Serving backend
d) Data storage
Correct Answer: a) Real-time engine
Explanation: The real-time engine processes streaming data in the Lambda architecture.
Question 22
What does an information consumer do in an IoT ecosystem?
a) Collects data from their sensors
b) Builds applications using data after consent
c) Communicates risks with the data owner
d) Maintains backups of collected data
Correct Answer: b) Builds applications using data after consent
Explanation: Information consumers develop applications that utilize data while ensuring compliance with regulations.
Question 23
Which vulnerability do IoT botnets exploit on devices?
a) Unencrypted communications
b) Default credentials
c) Cleartext passwords
d) Physical security flaws
Correct Answer: b) Default credentials
Explanation: IoT botnets often take advantage of devices that still use their factory default credentials.
Question 24
Which two stakeholder groups help address IoT security challenges? Choose 2 answers.
- Governments
- Universities
- Standards development bodies
4. Law enforcement
a) 2, 3
b) 1, 2
c) 1, 3
d) 1, 4
Correct Answer: c) 1, 3
Explanation: Governments and standards bodies are vital for implementing policies and guidelines related to IoT security.
Question 25
What issues can arise from insecurely configured IoT devices? Choose 2 answers.
- Devices compromised to provide fake data
- Device hardware destroyed
- Devices forming botnets
4. Software built into a sandbox
a) 2, 3
b) 1, 3
c) 3, 4
d) 2, 4
Correct Answer: b) 1, 3
Explanation: Insecure devices may be hijacked to produce false data or integrated into botnets for malicious purposes.
Question 26
What type of malware creates a network of compromised IoT devices?
a) Macro
b) Ransomware
c) Botnet
d) Cross-site scripting
Correct Answer: c) Botnet
Explanation: A botnet consists of compromised devices controlled by an attacker, often used for launching attacks.
Question 27
What allows Mirai malware to infect IoT devices?
a) Cloud storage
b) Default passwords
c) Plaintext communication
d) Stolen certificates
Correct Answer: b) Default passwords
Explanation: Mirai malware exploits devices that have not had their default passwords changed, making them vulnerable.
Question 28
What should a company consider when designing an IoT tracker for security? Choose 2 answers.
- Device secure boot
- Credential management
- Physical security
4. Application security
a) 1, 3
b) 1, 2
c) 2, 3
d) 3, 4
Correct Answer: b) 1, 2
Explanation: Secure boot and credential management are crucial for preventing unauthorized access to IoT devices.
Question 29
What guideline should an IoT-based security system follow to secure radio data?
a) Device secure boot
b) Application security
c) Physical security
d) Network connections
Correct Answer: d) Network connections
Explanation: Secure network connections are essential for protecting data transmitted over wireless communication.
Question 30
What type of attack is characterized by multiple compromised IoT devices targeting a database?
a) SQL injection
b) Cross-site scripting
c) DDoS attack
d) Spear phishing
Correct Answer: c) DDoS attack
Explanation: DDoS attacks overwhelm a target with traffic from multiple sources, disrupting services.
Question 31
What best practice should a company follow to ensure filesystem permissions are correct?
a) Device secure boot
b) Secure operating system
c) Physical security
d) Application security
Correct Answer: b) Secure operating system
Explanation: A secure operating system helps enforce proper permissions and security protocols for file access.
Question 32
In IoT, which guideline should protect personal data?
a) Device secure boot
b) Application security
c) Securing software updates
d) Physical security
Correct Answer: b) Application security
Explanation: Application security measures are critical for protecting personal data during its lifecycle.
Question 33
What framework helps organizations understand cybersecurity best practices?
a) NIST Cybersecurity Framework
b) GDPR
c) IoT Security Foundation Guidelines
d) California Consumer Privacy Act
Correct Answer: a) NIST Cybersecurity Framework
Explanation: The NIST Cybersecurity Framework provides guidance on managing and improving cybersecurity practices.
Question 34
What is a primary concern regarding the use of IoT devices in consumer markets?
a) High costs
b) User adoption
c) Data privacy
d) Limited functionality
Correct Answer: c) Data privacy
Explanation: Data privacy is a significant concern, as consumer IoT devices often collect sensitive personal information.
Question 35
How does blockchain ensure data integrity in IoT applications?
a) By centralizing data storage
b) Through decentralized ledgers
c) By enforcing strict access controls
d) By providing faster data processing
Correct Answer: b) Through decentralized ledgers
Explanation: Blockchain technology uses decentralized ledgers to ensure that data is tamper-proof and reliable.
Question 36
What type of IoT device continuously monitors a user’s activities?
a) Smart meter
b) Wearable device
c) Sensor
d) Controller
Correct Answer: b) Wearable device
Explanation: Wearable devices monitor health metrics and daily activities, providing valuable insights for users.
Question 37
What is an ethical issue when using IoT in healthcare?
a) Data storage costs
b) User engagement
c) Privacy of patient data
d) Device reliability
Correct Answer: c) Privacy of patient data
Explanation: Ensuring the privacy of sensitive patient data is a critical ethical concern in healthcare IoT applications.
Question 38
What framework governs IoT-related data protection in the EU?
a) GDPR
b) CCPA
c) NIST
d) HIPAA
Correct Answer: a) GDPR
Explanation: GDPR sets strict rules for the protection of personal data and privacy in the European Union.
Question 39
Which regulatory body oversees cybersecurity practices in the U.S.?
a) NIST
b) FTC
c) FCC
d) FDA
Correct Answer: b) FTC
Explanation: The Federal Trade Commission enforces consumer protection laws and oversees cybersecurity practices.
Question 40
What does the acronym PII stand for in data protection?
a) Personal Identifiable Information
b) Public Information Infrastructure
c) Privacy Impact Investigation
d) Personal Internet Interaction
Correct Answer: a) Personal Identifiable Information
Explanation: PII refers to information that can be used to identify an individual, and its protection is critical in data privacy laws.