IoT Security Interview Questions & Answers
Q. List out IoT OWASP Top 10 2018 vulnerabilities.
Ans: Below is the list of IoT OWASP Top 10 vulnerabilities:
- Weak, Guessable, or Hardcoded Passwords
- Insecure Network Services
- Insecure Ecosystem Interfaces
- Lack of Secure Update Mechanism
- Use of Insecure or Outdated Components
- Insufficient Privacy Protection
- Insecure Data Transfer and Storage
- Lack of Device Management
- Insecure Default Settings
- Lack of Physical Hardening
Q. How can we find vulnerabilities of the most prevalent vulnerability of weak, guessable, or hardcoded passwords?
Ans: While configuring IoT devices, administrators/users tend not to change the default or easily guessable password for convenience. Also most of the IoT devices have backdoors to access it via root passwords.
Most of the attacks happen because the administrator/user has not changed the default password.
Attacker easily brute force to guess the correct password of the IoT device if the account lockout mechanism not implemented.
Q. What type of issues comes under Insecure Ecosystem Interfaces?
Ans: Any vulnerable web interface, mobile, cloud interface or API may be the components of insecure ecosystem interfaces. Below is the list of issues which may be found under this category:
- Authentication issue while accessing sensitive data
- Server certificates not validated by device
- Security updates not installed
- Leaking API keys
Q. What are the possible test cases of secure update mechanism of IoT devices?
Ans: I am listing out possible test cases to test update mechanisms of IoT devices:
- Check for firmware validation while updating
- Check for mechanisms to prevent rollback to the previous version
- Check for delivery of firmware is encrypted or not
- Check for vulnerabilities in the updated firmware
Q. What are the possible attacks on IoT devices?
Ans: I am listing out possible attacks on IoT devices:
Physical attacks: These types of attacks possible only after compromising the physical security of IoT devices. Attackers can temper IoT devices and extract different components, data and code reside in it.
Network Attacks: Distributed Denial of Service (DDoS) attacks are the type of network attacks. This attack starves all the resources of IoT devices.
Cloning: Attacker clone the IoT device by using RFID attacks (due to poor authentication) and replace it with genuine device.
Encryption attack: Attacker employed side channel attacks to extract keys of cryptographic algorithms.
Q. What are the activities involved in security testing of IoT products?
Ans: List of activities involved in security testing of IoT products:
- Threat modeling of IoT product
- Firmware security
- Review of encryption used in IoT product
- Code review
- Privacy review
- Protocol fuzzing
- Network traffic analysis
- API Testing
- Penetration testing
Q. List out some tools used for IoT security.
Ans: Tools used for IoT security:
|Multimeter, Wireshark, UART, Flash Dumper, network bridging, Ubertooth On, Split-port adapters, BLE Sniffer||Wired and Wireless testing|
|Binwalk, IDA Pro, Binary Ninja, firmware emulators (QEMU)||Firmware Testing|
|Wireshark, Bettercap||Network related vulnerabilities|
|Nmap, Nessus, Metasploit, IBM AppScan, Netsparker, Burp Suite, ZAP Proxy, SQL Map||Network and Web Application Testing|
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.