Description

Lesson 1: Managing IoT Risks

• Topic A: Map the IoT Attack Surface
• Topic B: Build in Security by Design

Lesson 2: Securing Web and Cloud Interfaces

• Topic A: Identify Threats to IoT Web and Cloud Interfaces
• Topic B: Prevent Injection Flaws
• Topic C: Prevent Session Management Flaws
• Topic D: Prevent Cross-Site Scripting Flaws
• Topic E: Prevent Cross-Site Request Forgery Flaws
• Topic F: Prevent Unvalidated Redirects and Forwards

Lesson 3: Securing Data

• Topic A: Use Cryptography Appropriately
• Topic B: Protect Data in Motion
• Topic C: Protect Data at Rest
• Topic D: Protect Data in Use

Lesson 4: Controlling Access to IoT Resources

• Topic A: Identify the Need to Protect IoT Resources
• Topic B: Implement Secure Authentication
• Topic C: Implement Secure Authorization
• Topic D: Implement Security Monitoring on IoT Systems

Lesson 5: Securing IoT Networks

• Topic A: Ensure the Security of IP Networks
• Topic B: Ensure the Security of Wireless Networks
• Topic C: Ensure the Security of Mobile Networks
• Topic D: Ensure the Security of IoT Edge Networks

Lesson 6: Ensuring Privacy

• Topic A: Improve Data Collection to Reduce Privacy Concerns
• Topic B: Protect Sensitive Data
• Topic C: Dispose of Sensitive Data

Lesson 7: Managing Software and Firmware Risks

• Topic A: Manage General Software Risks
• Topic B: Manage Risks Related to Software Installation and Configuration
• Topic C: Manage Risks Related to Software Patches and Updates
• Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware

Lesson 8: Promoting Physical Security

• Topic A: Protect Local Memory and Storage
• Topic B: Prevent Physical Port Access

Prerequisites

Audience

This course is designed for IoT practitioners who are looking to improve their skills and knowledge of IoT security and privacy. This course is also designed for students who are seeking the Certified Internet of Things Security Practitioner (CIoTSP) certification and who want to prepare for Exam ITS-110.