IOT

Question 1

Edge Technology Layer

Answer 1

This layer consists of all the hardware parts like sensors, RFID tags, readers or other soft sensors and the device itself. These entities are the primary part of the data sensors that are deployed in the field for monitoring or sensing various phenomena. This layer plays an important part in data collection, connecting devices within the network and with the serve

Question 2

Access Gateway Layer

Answer 2

This layer helps to bridge the gap between two endpoints like a device and a client. The very first data handling also takes place in this layer. It carries out message routing, message identification and subscribing.

Question 3

Internet Layer

Answer 3

This is the crucial layer as it serves as the main component in carrying out the communication between two endpoints such as device-to-device, device-to-cloud, device-to-gateway and back-end data-sharing.

Question 4

Middleware Layer

Answer 4

This is one of the most critical layers that operates in two-way mode. As the name suggests this layer sits in the middle of the application layer and the hardware layer, thus behaving as an interface between these two layers. It is responsible for important functions such as data management, device management and various issues like data analysis, data aggregation, data filtering, device information discovery and access control

Question 5

Application Layer

Answer 5

This layer placed at the top of the stack, is responsible for the delivery of services to the respective users from different sectors like building, industrial, manufacturing, automobile, security, healthcare, etc

Question 6

Thread

Answer 6

Thread is an IPv6 based networking protocol for IoT devices. Its main aim is home automation, so that the devices can communicate with each other on local wireless networks.

Question 7

VSAT and Cellular

Answer 7

These are long range wireless communication protocol.

Question 8

MoCA

Answer 8

It is a wired communication protocol.

Question 9

Insufficient Authentication/Authorization

Answer 9

Insufficient authentication refers to using weak credentials such as an insecure or weak password which offers poor security, thus allowing a hacker to gain access to the user account, and causing loss of data, loss of accountability and denying user to access the account.

Question 10

Insecure Network Services

Answer 10

Insecure network services are prone to various attacks like buffer overflow attacks, attacks that cause denial-of-service scenario, thus leaving the device inaccessible to the user. An attacker uses various automated tools such as port scanners and fuzzers to detect the open ports and exploit them to gain unauthorized access to the services.

Question 11

Insecure Web Interface

Answer 11

Insecure web interface occurs when certain issues arise such as weak credentials, lack of account lockout mechanism and account enumeration. These issues result in loss of data, loss of privacy, lack of accountability, denial of access and complete device access takeover

Question 12

Privacy Concerns

Answer 12

IoT devices generate some private and confidential data but due to lack of proper protection schemes, it leads to privacy concerns, which makes it is easy to discover and review the data that is being produced, sent, and collected.

Question 13

Replay Attack

Answer 13

attackers intercept legitimate messages from a valid communication and continuously send the intercepted message to the target device to perform a denial-of-service attack or delay it in order to manipulate the message or crash the target device.

Question 14

Zigbee Framework

Answer 14

Attify ZigBee framework consists of a set of tools used to perform ZigBee penetration testing. ZigBee protocol makes use of 16 different channels for all communications. Attackers use Zbstumbler from Attify Zigbee framework to identify the channel used by the target device.

Question 15

RIoT Vulnerability Scanner

Answer 15

Retina IoT vulnerability scanner identify at-risk IoT devices, such as IP cameras, DVRs, printers, routers, etc. This tool gives you an attacker’s view of all the IoT devices and their associated vulnerabilities. Utilizing precise information such as server banner and header data, RIoT will pinpoint the make and model of a particular IoT device.

Question 16

HackRF One

Answer 16

Attackers use HackRF One to perform attacks such as BlueBorne or AirBorne attacks such as replay, fuzzing, jamming, etc. HackRF One is an advanced hardware and software defined radio with the range of 1MHz to 6GHz. It transmits and receives radio waves in half-duplex mode, so it is easy for attackers to perform attacks using this device

Question 17

Foren6

Answer 17

Foren6 uses sniffers to capture 6LoWPAN traffic and renders the network state in a graphical user interface. It detects routing problems. The Routing Protocol for 6LoWPAN Networks, RPL, is an emerging IETF standard. Foren6 captures all RPL-related information and identifies abnormal behaviors. It combines multiple sniffers and captures live packets from deployed networks in a non-intrusive manner.

Question 18

Z-Wave Sniffer

Answer 18

It is used to sniff traffic, perform real-time monitoring and capture packets from all Z-Wave networks. It is a hardware tool used to sniff traffic generated by smart devices connected in the network.

Question 19

Censys

Answer 19

Public search engine and data processing facility backed by data collected from ongoing Internet-wide scans. Censys supports full-text searches on protocol banners and queries a wide range of derived fields.

Question 20

Firmalyzer Enterprise

Answer 20

Firmalyzer enables device vendors and security professionals to perform automated security assessment on software that powers IoT devices (firmware) in order to identify configuration and application vulnerabilities. This tool notifies users about the vulnerabilities discovered and assists to mitigate those in a timely manner

Question 21

beSTORM

Answer 21

beSTORM is a smart fuzzer to find buffer overflow vulnerabilities by automating and documenting the process of delivering corrupted input and watching for unexpected response from the application. It supports multi-protocol environment and address breaches by testing over 50 protocols while providing automated binary and textual analysis, advanced debugging and stack tracing.

Question 22

Port 48101

Answer 22

TCP/UDP port 48101 is used by the infected devices to spread malicious files to the other devices in the network. Monitor traffic on port 48101 as the infected devices attempt to spread the malicious file using port 48101

Question 23

Insecure Network Services

Answer 23

Close open network ports
Disable UPnP
Review network services for vulnerabilities

Question 24

Privacy Concerns

Answer 24

Minimize data collection
Anonymize collected data
Providing end users the ability to decide what data is collected

Question 25

Insecure Cloud Interface

Answer 25

Conduct assessment of all the cloud interfaces
Use strong and complex password
Enable two-factor authentication

Question 26

Insecure Software / Firmware

Answer 26

Secure update servers
Verify updates before installation
Sign updates

Question 27

Mobile

Answer 27

An ideal framework for the mobile interface should include proper authentication mechanism for the user, account lockout mechanism after a certain number of failed attempts, local storage security, encrypted communication channels and the security of the data transmitted over the channel.

Question 28

Cloud Platform

Answer 28

A secure framework for the cloud component should include encrypted communications, strong authentication credentials, secure web interface, encrypted storage, automatic updates and so on.

Question 29

Edge

Answer 29

Framework consideration for edge would be proper communications and storage encryption, no default credentials, strong passwords, use latest up to date components and so on.

Question 30

Gateway

Answer 30

An ideal framework for the gateway should incorporate strong encryption techniques for secure communications between endpoints. Also, the authentication mechanism for the edge components should be as strong as any other component in the framework. Where ever possible the gateway should be designed in such a way that it authenticates multi-directionally to carry out trusted communication between the edge and the cloud. Automatic updates should also be provided to the device for countering vulnerabilities.