Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

During a brute force test on his users’ passwords, the security administrator found several passwords that were cracked quickly. Which of the following passwords would have taken the longest to crack?

A.

GUESSmyPASSWORD

B.

Gu3$$MyP@s$w0Rd

C.

123my456password789

D.

**myPASSword**

A hacker wants to discover login names that may exist on a website. Which of the following responses to the login and password entries would aid in the discovery? (Choose two.)

A.

Your login attempt was unsuccessful

B.

Invalid password

C.

That user does not exist

D.

The username and/or password are incorrect

E.

Incorrect email/password combination

A hacker enters credentials into a web login page and observes the server's responses. Which of the following attacks is the hacker attempting?

A.

Account enumeration

B.

Directory traversal

C.

Buffer overflow

D.

Spear phishing

An IoT developer has endpoints that are shipped to users in the field. Which of the following best practices must be implemented for using default passwords after delivery?

A.

Implement two-factor authentication (2FA)

B.

Force a password change upon initial login

C.

Apply granular role-based access

D.

Protect against account enumeration

Which of the following attacks utilizes Media Access Control (MAC) address spoofing?

A.

Network Address Translation (NAT)

B.

Man-in-the-middle (MITM)

C.

Network device fuzzing

D.

Unsecured network ports

An IoT developer wants to ensure all sensor to portal communications are as secure as possible and do not require any client-side configuration. Which of the following is the developer most likely to use?

A.

Virtual Private Networking (VPN)

B.

Public Key Infrastructure (PKI)

C.

IP Security (IPSec)

D.

Secure/Multipurpose Internet Mail Extensions (S/MIME)

An Agile Scrum Master working on IoT solutions needs to get software released for a new IoT product. Since bugs could be found after deployment, which of the following should be part of the overall solution?

A.

A money back guarantee, no questions asked

B.

Over-the-Air (OTA) software updates

C.

A lifetime transferable warranty

D.

Free firmware updates if the product is sent back to the manufacturer

Which of the following tools or techniques is used by software developers to maintain code, but also used by hackers to maintain control of a compromised system?

A.

Disassembler

B.

Backdoor

C.

Debugger

D.

Stack pointer

A DevOps engineer wants to provide secure network services to an IoT/cloud solution. Which of the following countermeasures should be implemented to mitigate network attacks that can render a network useless?

A.

Network firewall

B.

Denial of Service (DoS)/Distributed Denial of Service (DDoS) mitigation

C.

Web application firewall (WAF)

D.

Deep Packet Inspection (DPI)

A cloud developer for an IoT service is storing billing information. Which of the following should be considered a common vulnerability in regard to this data that could be used to compromise privacy?

A.

Enabled notifications as required by law

B.

Lack of data retention policies

C.

Authorized access to personal information

D.

Secured data in motion and at rest