Certified Internet of Things Security Practitioner (CIoTSP)
(ITS-110.AK1)/ISBN:978-1-64459-207-6
Kick start your prep for the CIoTSP exam with the Certified Internet of Things Security Practitioner (CIoTSP) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The IoT certification course and lab cover the ITS-110 exam objectives and teach you about securing data, addressing privacy concerns, securing software/firmware, enhancing physical security, and more. After completing this ITS-110 training course, you will have the foundational skill set of IoT concepts, technologies, and tools.
Here's what you will get
The CIoTSP certification exam is ideal for IoT security practitioners. The ITS-110 exam will prove that the certified candidate has the skills required to design, implement, operate, and/or manage a secure IoT ecosystem. The CertNexus’ Certified IoT Security Practitioner (CIoTSP) certification program will validate the knowledge to secure network environments for IoT devices, analyze vulnerabilities, and determine reasonable controls against threats.
Lessons
10+ Lessons | 80+ Quizzes | 107+ Flashcards | 107+ Glossary of terms
TestPrep
50+ Pre Assessment Questions | 1+ Full Length Tests | 100+ Post Assessment Questions | 100+ Practice Test Questions
Hands-On Labs
24+ LiveLab | 00+ Minutes
Need guidance and support? Click here to check our Instructor Led Course.
Here's what you will learn
Download Course OutlineLessons 1: Introduction
- Course Description
- How to Use This Course
Lessons 2: Managing IoT Risks
- Topic A: Map the IoT Attack Surface
- Topic B: Build in Security by Design
- Summary
Lessons 3: Securing Web and Cloud Interfaces
- Topic A: Identify Threats to IoT Web and Cloud Interfaces
- Topic B: Prevent Injection Flaws
- Topic C: Prevent Session Management Flaws
- Topic D: Prevent Cross-Site Scripting Flaws
- Topic E: Prevent Cross-Site Request Forgery Flaws
- Topic F: Prevent Unvalidated Redirects and Forwards
- Summary
Lessons 4: Securing Data
- Topic A: Use Cryptography Appropriately
- Topic B: Protect Data in Motion
- Topic C: Protect Data at Rest
- Topic D: Protect Data in Use
- Summary
Lessons 5: Controlling Access to IoT Resources
- Topic A: Identify the Need to Protect IoT Resources
- Topic B: Implement Secure Authentication
- Topic C: Implement Secure Authorization
- Topic D: Implement Security Monitoring on IoT Systems
- Summary
Lessons 6: Securing IoT Networks
- Topic A: Ensure the Security of IP Networks
- Topic B: Ensure the Security of Wireless Networks
- Topic C: Ensure the Security of Mobile Networks
- Topic D: Ensure the Security of IoT Edge Networks
- Summary
Lessons 7: Ensuring Privacy
- Topic A: Improve Data Collection to Reduce Privacy Concerns
- Topic B: Protect Sensitive Data
- Topic C: Dispose of Sensitive Data
- Summary
Lessons 8: Managing Software and Firmware Risks
- Topic A: Manage General Software Risks
- Topic B: Manage Risks Related to Software Installation and Configuration
- Topic C: Manage Risks Related to Software Patches and Updates
- Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware
- Summary
Lessons 9: Promoting Physical Security
- Topic A: Protect Local Memory and Storage
- Topic B: Prevent Physical Port Access
- Summary
Appendix A: Mapping CertNexus Certified Internet...tioner Exam ITS-110 Objectives to Course Content
Hands-on LAB Activities
Securing Web and Cloud Interfaces
- Creating a New Inbound Rule
- Exploiting LDAP-Based Authentication
- Exploiting a Website Using SQL Injection
- Using OWASP ZAP
Securing Data
- Applying Symmetric Key Encryption
- Using the MD5 Hash Algorithm
- Using OpenSSL to Create a Public/Private Key Pair
- Performing a MITM Attack
- Performing a Memory-Based Attack
Securing IoT Networks
- Performing ARP Spoofing
- Spoofing MAC Address
- Obtaining Information about Different IP Versions
- Obtaining Hardware Information of a Network Adapter
- Obtaining the ARP Cache
- Obtaining the IP Version of a Network Adapter
- Obtaining the IP Route Information from the IP Routing Table
- Obtaining Information about the Net Firewall Profile
- Getting the TCP Settings
- Getting Information about the Current Connection Statistics of TCP
- Getting Information about the TCP Ports
- Getting the UDP Settings
- Getting Information about the Current Connection Statistics of UDP
- Getting Information about the UDP Ports
- Scanning the Local Network
Exam FAQs
There are no formal prerequisites to register for and schedule an exam, but CertNexus strongly recommends that the candidate should have an:
- Understanding of the IoT system/software development life cycle.
- Understanding of common IoT safety and risk management approaches.
- Understanding of common IoT security and privacy threats and countermeasures.
- Understanding of the fundamental benefits and challenges of securing IoT systems.
- Understanding of an IoT ecosystem, including the physical elements, edge/fog computing elements, network and connectivity elements, cloud and cloud platform elements, and the applications and “Things” within various market sectors.
No application fee
Multiple Choice/Multiple Response
The exam contains 100 questions.
120 minutes
60%
Any candidates who do not pass a CertNexus certification exam on the first attempt are eligible for one free retake after 30 calendar days from the time they took the initial exam. All CertNexus certification exam vouchers include one free retake. Candidates must purchase another voucher for any subsequent attempts beyond the first free retake.
TBD (typically, 3 years from Launch Date)