Q1

A smart utility company is deploying a large-scale mesh network of smart meters using 6LoWPAN. To prevent unauthorized devices from joining the network and injecting malicious data, which of the following is the most effective and resource-efficient security mechanism to implement at the network layer for device onboarding?

Q2

A medical device manufacturer is designing an implantable glucose monitor that transmits data to a patient's smartphone via Bluetooth Low Energy (BLE). To comply with HIPAA and protect sensitive health information, which BLE Security Mode should be mandated for the connection?

Q3 (Multiple answers)

During a security audit of an industrial IoT deployment, a penetration tester discovers that firmware updates for programmable logic controllers (PLCs) are being delivered over-the-air (OTA) without any verification of the update source's identity. To mitigate the risk of malicious firmware injection, which TWO of the following controls are most critical to implement? (Select TWO)

Q4

A security architect is designing a system for a remote environmental monitoring station powered by a solar panel and battery. The station uses a low-power wide-area network (LPWAN) to send small data packets infrequently. To protect the data packets from eavesdropping and tampering with minimal energy consumption, which protocol is most suitable?

Q5

True or False: In an IoT context, implementing Privacy by Design means that privacy considerations are addressed as a secondary feature after the main functionality has been developed and tested.

Q6

An organization is deploying IoT sensors in a public-facing, physically accessible area. The security team is concerned about attackers connecting a device to the sensor's debug port (e.g., JTAG or UART) to extract firmware or cryptographic keys. Which of the following is the MOST effective countermeasure against this specific threat?

Q7

A cloud-based IoT platform uses an MQTT broker to communicate with thousands of devices. To ensure that a compromised device can only publish data to its own designated topic (e.g., `devices/123/data`) and subscribe only to its command topic (e.g., `devices/123/commands`), which security mechanism should be configured on the MQTT broker?

Q8

A company that manufactures smart home cameras is facing criticism over privacy. To demonstrate a commitment to the principle of data minimization, which action would be most effective?

Q9

A security analyst is reviewing logs from a web application firewall (WAF) that protects an IoT device management portal. The analyst observes a series of HTTP requests targeting a user profile page with the following parameter: `?user_id=123' OR '1'='1'`. This pattern is indicative of which type of attack?

Q10 (Multiple answers)

To prevent a power analysis side-channel attack, where an attacker measures fluctuations in a device's power consumption to deduce cryptographic operations, a hardware engineer could implement which of the following countermeasures? (Select THREE)