CertNexus ITS-110 Exam Questions

Questions for the ITS-110 were updated on: Nov 21, 2025

Page 1 out of 7. Viewing questions 1-15 out of 100

Question 1

A site administrator is not enforcing strong passwords or password complexity. To which of the
following types of attacks is this system probably MOST vulnerable?

  • A. Key logger attack
  • B. Dictionary attack
  • C. Collision attack
  • D. Phishing attack
Answer:

B

Explanation:
Reference: https://www.techtarget.com/searchsecurity/definition/dictionary-attack

Question 2

Which of the following methods or technologies is most likely to be used in order to mitigate brute
force attacks?

  • A. Account lockout policy
  • B. Automated security logging
  • C. Role-based access control
  • D. Secure password recovery
Answer:

A

Explanation:
Reference: https://www.sciencedirect.com/topics/computer-science/account-lockout-policy#:~:text=Account%20lockout%20policies%20are%20used,twice%2C%20but%20not%20numerous%20times

Question 3

An IoT system administrator wants to mitigate the risk of rainbow table attacks. Which of the
following methods or technologies can the administrator implement in order to address this
concern?

  • A. Enable account lockout
  • B. Enable account database encryption
  • C. Require frequent password changes
  • D. Require complex passwords
Answer:

B

Question 4

If an attacker were able to gain access to a user's machine on your network, which of the following
actions would she most likely take next?

  • A. Start log scrubbing
  • B. Escalate privileges
  • C. Perform port scanning
  • D. Initiate reconnaissance
Answer:

D

Question 5

A developer needs to implement a highly secure authentication method for an IoT web portal. Which
of the following authentication methods offers the highest level of identity assurance for end users?

  • A. A hardware-based token generation device
  • B. An X.509 certificate stored on a smart card
  • C. Two-step authentication with complex passwords
  • D. Multi-factor authentication with three factors
Answer:

D

Explanation:
Reference: https://www.techtarget.com/search/query?q=Multi-factor+authentication+with+three+factors

Question 6

A hacker is attempting to exploit a known software flaw in an IoT portal in order to modify the site's
administrative configuration. Which of the following BEST describes the type of attack the hacker is
performing?

  • A. Privilege escalation
  • B. Transmission control protocol (TCP) flooding
  • C. Application fuzzing
  • D. Birthday attack
Answer:

A

Explanation:
Reference: https://www.cynet.com/network-attacks/privilege-escalation/

Question 7

Which of the following functions can be added to the authorization component of AAA to enable the
principle of least privilege with flexibility?

  • A. Discretionary access control (DAC)
  • B. Role-based access control (RBAC)
  • C. Mandatory access control (MAC)
  • D. Access control list (ACL)
Answer:

B

Question 8

Passwords should be stored…

  • A. For no more than 30 days.
  • B. Only in cleartext.
  • C. As a hash value.
  • D. Inside a digital certificate.
Answer:

C

Explanation:
Reference: https://snyk.io/learn/password-storage-best-practices/

Question 9

In order to minimize the risk of abusing access controls, which of the following is a good example of
granular access control implementation?

  • A. System administrator access
  • B. Least privilege principle
  • C. Guest account access
  • D. Discretionary access control (DAC)
Answer:

B

Question 10

Which of the following techniques protects the confidentiality of the information stored in
databases?

  • A. Hashing
  • B. Archiving
  • C. Monitoring
  • D. Encryption
Answer:

D

Question 11

During a brute force test on his users’ passwords, the security administrator found several passwords
that were cracked quickly. Which of the following passwords would have taken the longest to crack?

  • A. GUESSmyPASSWORD
  • B. Gu3$$MyP@s$w0Rd
  • C. 123my456password789
  • D. **myPASSword**
Answer:

B

Question 12

A developer needs to apply a family of protocols to mediate network access. Authentication and
Authorization have been implemented properly. Which of the following is the missing component?

  • A. Management
  • B. Accounting
  • C. Auditing
  • D. Inventory
Answer:

C

Question 13

An IoT developer wants to ensure that their cloud management portal is protected against
compromised end-user credentials. Which of the following technologies should the developer
implement?

  • A. An authentication policy that requires a password at initial logon, and a second password in order to access advanced features.
  • B. An authentication policy which requires user passwords to include twelve characters, including uppercase, lowercase, and special characters.
  • C. An authentication policy that requires a user to provide a strong password and on-demand token delivered via SMS.
  • D. An authentication policy which requires two random tokens generated by a hardware device.
Answer:

C

Explanation:
Reference: https://en.wikipedia.org/wiki/Multi-factor_authentication

Question 14

An OT security practitioner wants to implement two-factor authentication (2FA). Which of the
following is the least secure method to use for implementation?

  • A. Out-of-band authentication (OOBA)
  • B. 2FA over Short Message Service (SMS)
  • C. Authenticator Apps for smartphones
  • D. Fast Identity Online (FIDO) Universal 2nd Factor (U2F) USB key
Answer:

B

Question 15

An embedded engineer wants to implement security features to be sure that the IoT gateway under
development will only load verified images. Which of the following countermeasures could be used
to achieve this goal?

  • A. Implement Over-The-Air (OTA) updates
  • B. Enforce a secure boot function
  • C. Enforce a measured boot function
  • D. Harden the update server
Answer:

B
