
Title: Certified Internet of Things (IoT) Security Practitioner (Exam ITS-110)
Course Length:
3 days
Course Format:
Instructor Led, Virtual or on site
Overview:
According to the AT&T State of IoT Survey, 90% of businesses lack the full confidence that their IoT devices are secure. IoT creates exponential vulnerabilities which IT security teams are not currently prepared to defend. CertNexus’ Certified IoT Security Practitioner (CIoTSP) upskills your team by validating the knowledge, skills, and abilities to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats, and effectively monitor IoT devices and respond to incidents.
Course Objectives:
In this course, you will identify threats to cybersecurity and privacy within an IoT ecosystem and
implement appropriate countermeasures. You will:
- Use a risk management approach to select an appropriate response to privacy and
security risks within an IoT system. - Secure administrative and end-user portals used in IoT.
- Prevent flaws in authentication, authorization, and accounting that lead to various access control vulnerabilities.
- Secure IoT data in motion, at rest, and in use.
- Protect IoT networks, including local, wide area, mobile, and edge networks, from unauthorized access.
- Maintain the privacy of users while collecting useful and informative data.
- Manage risks related to IoT software and firmware to protect security and privacy.
- Take steps to improve physical security of IoT devices and networks.
Target Student:
This course is designed for IT professionals who want to design, implement, operate, and/or
manage a secure IoT ecosystem. This course is also designed for students who are seeking the CertNexus Certified Internet of Things Security Practitioner (CIoTSP) certification and who want to prepare for Exam ITS-110.
Prerequisites:
To ensure your success in this course you should have a fundamental understanding of IoT
ecosystems, which you can obtain by taking the following CertNexus course:
Certified Internet of Things (IoT) Practitioner (Exam ITP-110)
Course Content:
Lesson 1: Managing IoT Risks
Topic A: Map the IoT Attack Surface
Topic B: Design for Security
Lesson 2: Securing Web and Cloud Interfaces
Topic A: Identify Threats to IoT Web and Cloud Interfaces
Topic B: Prevent Injection Flaws
Topic C: Prevent Cross-Site Scripting Flaws
Topic D: Prevent Cross-Site Request Forgery Flaws
Topic E: Prevent Unvalidated Redirects and Forwards
Topic F: Prevent Session Management Flaws
Lesson 3: Managing Access to IoT Resources through Authentication, Authorization, and Accounting
Topic A: Identify the Need to Protect IoT Resources
Topic B: Implement Secure Authentication
Topic C: Implement Secure Authorization
Topic D: Implement Secure Accounting
Lesson 4: Securing Data
Topic A: Protect Data in Motion
Topic B: Protect Data at Rest
Topic C: Protect Data in Use
Lesson 5: Securing IoT Networks
Topic A: Ensure the Security of IP Networks
Topic B: Ensure the Security of Wireless Networks
Topic C: Ensure the Security of Mobile Networks
Topic D: Ensure the Security of IoT Edge Networks
Lesson 6: Ensuring Privacy
Topic A: Improve Data Collection to Reduce Privacy Concerns
Topic B: Protect Sensitive Data
Topic C: Dispose of Sensitive Data
Lesson 7: Managing Software and Firmware Risks
Topic A: Manage General Software Risks
Topic B: Manage Risks Related to Software Installation and Configuration
Topic C: Manage Risks Related to Software Patches and Updates
Topic D: Manage Risks Related to Operating Systems and Firmware
Lesson 8: Promoting Physical Security
Topic A: Protect Local Memory and Storage
Topic B: Protect Shell Access
