Course Description

The Internet of Things (IoT) enables data to be collected and analyzed on a massive scale, enabling well-informed decisions to be made quickly. However, the deluge of data handled by IoT systems is often acquired, processed, and presented using new technologies that are rapidly evolving and in some cases being rushed to market, creating new concerns for data privacy and cybersecurity.

Securing IoT systems can be a complicated proposition, involving hazards that many IT workers have never had to deal with. Solutions may involve resource-constrained IoT devices and technologies from many different vendors. IoT devices may be installed in vulnerable locations, and new network devices and protocols add complexity to the overall network architecture.

This course presents an approach for managing the security and data privacy of IoT throughout the entire lifecycle. Through a combination of hands-on activities and case studies, you will learn how to identify and remediate vulnerabilities that undermine IoT security, as well as strategies for managing risk, securing data throughout its entire lifecycle, protecting data privacy, ensuring that IoT resources can be accessed only by authorized users, managing risks related to device firmware and software, and protecting IoT devices from direct physical and network access.

Course Outline

Lesson 1: Managing IoT Risks

Topic A: Map the IoT Attack Surface

Topic B: Build in Security by Design

Lesson 2: Securing Web and Cloud Interfaces

Topic A: Identify Threats to IoT Web and Cloud Interfaces

Topic B: Prevent Injection Flaws

Topic C: Prevent Session Management Flaws

Topic D: Prevent Cross-Site Scripting Flaws

Topic E: Prevent Cross-Site Request Forgery Flaws

Topic F: Prevent Unvalidated Redirects and Forwards

Lesson 3: Securing Data

Topic A: Use Cryptography Appropriately

Topic B: Protect Data in Motion

Topic C: Protect Data at Rest

Topic D: Protect Data in Use

Lesson 4: Controlling Access to IoT Resources

Topic A: Identify the Need to Protect IoT Resources

Topic B: Implement Secure Authentication

Topic C: Implement Secure Authorization

Topic D: Implement Security Monitoring on IoT Systems

Lesson 5: Securing IoT Networks

Topic A: Ensure the Security of IP Networks

Topic B: Ensure the Security of Wireless Networks

Topic C: Ensure the Security of Mobile Networks

Topic D: Ensure the Security of IoT Edge Networks

Lesson 6: Ensuring Privacy

Topic A: Improve Data Collection to Reduce Privacy Concerns

Topic B: Protect Sensitive Data

Topic C: Dispose of Sensitive Data

Lesson 7: Managing Software and Firmware Risks

Topic A: Manage General Software Risks

Topic B: Manage Risks Related to Software Installation and Configuration

Topic C: Manage Risks Related to Software Patches and Updates

Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware

Lesson 8: Promoting Physical Security

Topic A: Protect Local Memory and Storage

Topic B: Prevent Physical Port Access


To ensure your success in this course you should have a fundamental understanding of IoT ecosystems, which you can obtain by taking the following CertNexus course:

  • Certified Internet of Things (IoT) Practitioner (Exam ITP-110)


3 Days | 6 Nights
Enroll Now - Select a section to enroll in
Section Title
Certified Internet of Things (IoT) Security Practitioner
T, Th
Time (Central Time)
5:30PM to 8:30PM
Nov 28, 2023 to Dec 14, 2023
Schedule and Location
# of Course Hours
Delivery Option
Course Fee(s)
Rate non-credit $3,525.00
Potential Discount(s)
Required fields are indicated by .
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.