Certified Internet of Things Security Practitioner (CIoTSP)

(ITS-110.AK1)/ISBN:978-1-64459-207-6

This course includes
Lessons
TestPrep
Hand-on Lab
AI Tutor (Add-on)

Kick start your prep for the CIoTSP exam with the Certified Internet of Things Security Practitioner (CIoTSP) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The IoT certification course and lab cover the ITS-110 exam objectives and teach you about securing data, addressing privacy concerns, securing software/firmware, enhancing physical security, and more. After completing this ITS-110 training course, you will have the foundational skill set of IoT concepts, technologies, and tools. 

Here's what you will get

  The CIoTSP certification exam is ideal for IoT security practitioners. The ITS-110 exam will prove that the certified candidate has the skills required to design, implement, operate, and/or manage a secure IoT ecosystem. The CertNexus’ Certified IoT Security Practitioner (CIoTSP) certification program will validate the knowledge to secure network environments for IoT devices, analyze vulnerabilities, and determine reasonable controls against threats.

Lessons

10+ Lessons | 80+ Quizzes | 107+ Flashcards | 107+ Glossary of terms

TestPrep

50+ Pre Assessment Questions | 1+ Full Length Tests | 100+ Post Assessment Questions | 100+ Practice Test Questions

Hand on lab

24+ LiveLab | 00+ Minutes

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • Course Description
  • How to Use This Course

Lessons 2: Managing IoT Risks

  • Topic A: Map the IoT Attack Surface
  • Topic B: Build in Security by Design
  • Summary

Lessons 3: Securing Web and Cloud Interfaces

  • Topic A: Identify Threats to IoT Web and Cloud Interfaces
  • Topic B: Prevent Injection Flaws
  • Topic C: Prevent Session Management Flaws
  • Topic D: Prevent Cross-Site Scripting Flaws
  • Topic E: Prevent Cross-Site Request Forgery Flaws
  • Topic F: Prevent Unvalidated Redirects and Forwards
  • Summary

Lessons 4: Securing Data

  • Topic A: Use Cryptography Appropriately
  • Topic B: Protect Data in Motion
  • Topic C: Protect Data at Rest
  • Topic D: Protect Data in Use
  • Summary

Lessons 5: Controlling Access to IoT Resources

  • Topic A: Identify the Need to Protect IoT Resources
  • Topic B: Implement Secure Authentication
  • Topic C: Implement Secure Authorization
  • Topic D: Implement Security Monitoring on IoT Systems
  • Summary

Lessons 6: Securing IoT Networks

  • Topic A: Ensure the Security of IP Networks
  • Topic B: Ensure the Security of Wireless Networks
  • Topic C: Ensure the Security of Mobile Networks
  • Topic D: Ensure the Security of IoT Edge Networks
  • Summary

Lessons 7: Ensuring Privacy

  • Topic A: Improve Data Collection to Reduce Privacy Concerns
  • Topic B: Protect Sensitive Data
  • Topic C: Dispose of Sensitive Data
  • Summary

Lessons 8: Managing Software and Firmware Risks

  • Topic A: Manage General Software Risks
  • Topic B: Manage Risks Related to Software Installation and Configuration
  • Topic C: Manage Risks Related to Software Patches and Updates
  • Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware
  • Summary

Lessons 9: Promoting Physical Security

  • Topic A: Protect Local Memory and Storage
  • Topic B: Prevent Physical Port Access
  • Summary

Appendix A: Mapping CertNexus Certified Internet...tioner Exam ITS-110 Objectives to Course Content

Hands-on LAB Activities

Securing Web and Cloud Interfaces

  • Creating a New Inbound Rule
  • Exploiting LDAP-Based Authentication
  • Exploiting a Website Using SQL Injection
  • Using OWASP ZAP

Securing Data

  • Applying Symmetric Key Encryption
  • Using the MD5 Hash Algorithm
  • Using OpenSSL to Create a Public/Private Key Pair
  • Performing a MITM Attack
  • Performing a Memory-Based Attack

Securing IoT Networks

  • Performing ARP Spoofing
  • Spoofing MAC Address
  • Obtaining Information about Different IP Versions
  • Obtaining Hardware Information of a Network Adapter
  • Obtaining the ARP Cache
  • Obtaining the IP Version of a Network Adapter
  • Obtaining the IP Route Information from the IP Routing Table
  • Obtaining Information about the Net Firewall Profile
  • Getting the TCP Settings
  • Getting Information about the Current Connection Statistics of TCP
  • Getting Information about the TCP Ports
  • Getting the UDP Settings
  • Getting Information about the Current Connection Statistics of UDP
  • Getting Information about the UDP Ports
  • Scanning the Local Network

Exam FAQs

There are no formal prerequisites to register for and schedule an exam, but CertNexus strongly recommends that the candidate should have an:

  • Understanding of the IoT system/software development life cycle.
  • Understanding of common IoT safety and risk management approaches.
  • Understanding of common IoT security and privacy threats and countermeasures.
  • Understanding of the fundamental benefits and challenges of securing IoT systems.
  • Understanding of an IoT ecosystem, including the physical elements, edge/fog computing elements, network and connectivity elements, cloud and cloud platform elements, and the applications and “Things” within various market sectors.

No application fee

Multiple Choice/Multiple Response

The exam contains 100 questions.

120 minutes

60%

Any candidates who do not pass a CertNexus certification exam on the first attempt are eligible for one free retake after 30 calendar days from the time they took the initial exam. All CertNexus certification exam vouchers include one free retake. Candidates must purchase another voucher for any subsequent attempts beyond the first free retake.

TBD (typically, 3 years from Launch Date)