Course Description
Bootcamp | 18 hours | 1.8 CEUs | $3,525
The Internet of Things (IoT) enables data to be collected and analyzed on a massive scale, enabling well-informed decisions to be made quickly. However, the deluge of data handled by IoT systems is often acquired, processed, and presented using new technologies that are rapidly evolving and in some cases being rushed to market, creating new concerns for data privacy and cybersecurity.
Securing IoT systems can be a complicated proposition, involving hazards that many IT workers have never had to deal with. Solutions may involve resource-constrained IoT devices and technologies from many different vendors. IoT devices may be installed in vulnerable locations, and new network devices and protocols add complexity to the overall network architecture.
This course presents an approach for managing the security and data privacy of IoT throughout the entire lifecycle. Through a combination of hands-on activities and case studies, you will learn how to identify and remediate vulnerabilities that undermine IoT security, as well as strategies for managing risk, securing data throughout its entire lifecycle, protecting data privacy, ensuring that IoT resources can be accessed only by authorized users, managing risks related to device firmware and software, and protecting IoT devices from direct physical and network access.
Course Outline
- Lesson 1: Managing IoT Risks
- Topic A: Map the IoT Attack Surface
- Topic B: Build in Security by Design
- Lesson 2: Securing Web and Cloud Interfaces
- Topic A: Identify Threats to IoT Web and Cloud Interfaces
- Topic B: Prevent Injection Flaws
- Topic C: Prevent Session Management Flaws
- Topic D: Prevent Cross-Site Scripting Flaws
- Topic E: Prevent Cross-Site Request Forgery Flaws
- Topic F: Prevent Unvalidated Redirects and Forwards
- Lesson 3: Securing Data
- Topic A: Use Cryptography Appropriately
- Topic B: Protect Data in Motion
- Topic C: Protect Data at Rest
- Topic D: Protect Data in Use
- Lesson 4: Controlling Access to IoT Resources
- Topic A: Identify the Need to Protect IoT Resources
- Topic B: Implement Secure Authentication
- Topic C: Implement Secure Authorization
- Topic D: Implement Security Monitoring on IoT Systems
- Lesson 5: Securing IoT Networks
- Topic A: Ensure the Security of IP Networks
- Topic B: Ensure the Security of Wireless Networks
- Topic C: Ensure the Security of Mobile Networks
- Topic D: Ensure the Security of IoT Edge Networks
- Lesson 6: Ensuring Privacy
- Topic A: Improve Data Collection to Reduce Privacy Concerns
- Topic B: Protect Sensitive Data
- Topic C: Dispose of Sensitive Data
- Lesson 7: Managing Software and Firmware Risks
- Topic A: Manage General Software Risks
- Topic B: Manage Risks Related to Software Installation and Configuration
- Topic C: Manage Risks Related to Software Patches and Updates
- Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware
- Lesson 8: Promoting Physical Security
- Topic A: Protect Local Memory and Storage
- Topic B: Prevent Physical Port Access
Prerequisites
To ensure your success in this course you should have a fundamental understanding of IoT ecosystems, which you can obtain by taking the following CertNexus course:
- Certified Internet of Things (IoT) Practitioner (Exam ITP-110)
Duration
18 Hours | 3 Days or 6 Nights*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.