IoT Security 1.1 Chapter 4 Quiz Exam Answers
1. Why would an engineer only use very short-range radios to allow sensor data to travel from node to node until the data reaches the IoT gateway?
- increased bandwidth
- channel requirements
- power constraints
- high availability
2. A home owner recently installed an IoT smart plug that was designed to be controlled over the internet. After a couple of days the home owner notices a new wireless name of Outlet4375 appears when they attempt to connect a smartphone to the house wireless network. Which statement identifies the situation that is occurring?
- The smart plug will always broadcast the Outlet4375 wireless name for management connections.
- The wireless network name of Outlet4375 is a wireless network used for securely isolating the network traffic of the smart plug.
- The smart plug was never connected to the home Wi-Fi and is awaiting a connection on the Outlet4375 wireless network.
- The home Wi-Fi network name should be changed to match the Outlet4375 wireless network name in order to activate the smart plug.
3. Which OWASP communication layer vulnerability should be researched when securing the IoT network traffic attack surface?
- replay attack
- unencrypted services
- protocol fuzzing
4. A threat actor uses non-blind spoofing to launch an attack. What are two objectives for the attack? (Choose two.)
- depleting the batteries of IP-based IoT devices
- flooding the network with maliciously formatted packets
- overwhelming web servers
- determining the state of a firewall
- predicting TCP sequence-numbers
5. Which type of IoT wireless network would interconnect audio devices and smart watches to a cell phone that serves as an IoT gateway?
- wireless home-area network
- wireless personal-area network
- wireless field-area network
- wireless body-area network
6. In which type of scenario would an IoT gateway not be required to convert traffic to Wi-Fi or wired ethernet?
- when smart objects forward data within a mesh network
- when smart objects forward data using TCP/IP protocols
- when smart objects forward data within a hub-and-spoke topology
- when smart objects forward data within a star topology
7. Which attack involves threat actors positioning themselves between a source and destination with the intent of transparently monitoring, capturing, and controlling the communication?
- ICMP attack
- man-in-the-middle attack
- DoS attack
- SYN flood attack
8. Which parameter is used to identify applications when a user sends a service request to a remote server?
- server IP address
- source port number
- TCP sequence number
- destination port number
9. Which two OWASP communication layer vulnerabilities should be researched when securing the IoT device network services attack surface? (Choose two.)
- vulnerable UDP services
- information disclosure
- non-standard protocols
10. Which customized IEEE 802.15.4 wireless topology can contain a large amount of full function devices and a small amount of reduced function devices?
11. Which type of IoT wireless deployment would allow smart objects to be deployed over a very large area?
- mesh topology
- hub-and-spoke topology
- star topology
- IP capable topology
12. Which basic security service protects against alteration of data while it is in transit?
- replay protection
- message confidentiality
- message integrity
- access control
13. Which IoT wireless option is commonly used by devices that require a low power wide-area network connection and do not use a fixed power supply?
14. Which three IoT wireless mesh protocols are built on top of 802.15.4? (Choose three.)
- Bluetooth Low Energy
- near field communication
15. Which two techniques are used in a smurf attack? (Choose two.)
- resource exhaustion
- session hijacking
16. After host A receives a web page from server B, host A terminates the connection with server B. Match each option to its correct step in the normal termination proccess for a TCP connection.
- Host A sends an ACK to server B. → Step 4
- Host A sends a FIN to server B. → Step 1
- Server B sends an ACK to host A. → Step 2
- Server B sends a FIN to host A. → Step 3
17. Which devices scan and infect more targets during the process of a DDoS attack?
- web servers
- CnC servers
18. Which two types of attacks are typically carried out by using ICMP messages? (Choose two.)
- password gathering
- opening back doors
- relaying spam
19. Which two techniques are used to carry out DoS attacks? (Choose two.)
- using ICMP messages to profile host operating systems
- using maliciously formatted packets
- gaining access to the physical network and hijacking a current session
- sending an overwhelming amount of traffic
- using pings to discover subnets and hosts on a network
20. Which two application layer protocols use UDP? (Choose two.)
21. When does the level of trust and reliability of data change during communication between IoT systems?
- when data is generated by a device inside a trusted network and travels to an untrusted network
- when data is generated by a device inside an untrusted network and stays in an untrusted network
- when data is generated by a device within a DMZ and stays within the DMZ
- when data is generated by a device inside a trusted network and stays within the network
22. What are two of the most common wireless technologies used in home automation and home security applications? (Choose two.)
- near field communication
- IEEE 802.15.4
23. A threat actor uses a program to launch an attack by sending a flood of UDP packets to a server on the network. The program sweeps through all of the known ports trying to find closed ports. It causes the server to reply with an ICMP port unreachable message and is similar to a DoS attack. Which two programs could be used by the threat actor to launch the attack? (Choose two.)
- UDP Unicorn
- Low Orbit Ion Cannon
24. Which attack commonly includes the use of botnet and handler systems?
- DoS attack
- address spoofing attack
- ICMP attack
- DDoS attack
25. Which network environment is suitable for a Media Access Control (MAC) address spoofing attack?
- on a WAN connection
- inside an internal network
- between an organization network and ISP
- within the cloud