IoT Security Interview Questions & Answers
This blog list some interview questions on the security of the Internet of Things (IoT). Currently, there are many standards available to assess and test IoT devices.
Q. List out IoT OWASP Top 10 2018 vulnerabilities.
Ans: Below is the list of IoT OWASP Top 10 vulnerabilities:
- Weak, Guessable, or Hardcoded Passwords
- Insecure Network Services
- Insecure Ecosystem Interfaces
- Lack of Secure Update Mechanism
- Use of Insecure or Outdated Components
- Insufficient Privacy Protection
- Insecure Data Transfer and Storage
- Lack of Device Management
- Insecure Default Settings
- Lack of Physical Hardening
Q. How can we find vulnerabilities of the most prevalent vulnerability of weak, guessable, or hardcoded passwords?
Ans: While configuring IoT devices, administrators/users tend not to change the default or easily guessable password for convenience. Also, most of IoT devices have backdoors to access them via root passwords.
Most of the attacks happen because the administrator/user has not changed the default password.
Attackers easily brute force to guess the correct password of the IoT device if the account lockout mechanism is not implemented.
Q. What type of issues comes under Insecure Ecosystem Interfaces?
Ans: Any vulnerable web interface, mobile, cloud interface, or API may be a component of insecure ecosystem interfaces. Below is the list of issues that may be found under this category:
- Authentication issue while accessing sensitive data
- Server certificates not validated by the device
- Security updates not installed
- Leaking API keys
Q. What are the possible test cases of the secure update mechanism of IoT devices?
Ans: I am listing out possible test cases to test the update mechanisms of IoT devices:
- Check for firmware validation while updating
- Check for mechanisms to prevent rollback to the previous version
- Check for delivery of firmware is encrypted or not
- Check for vulnerabilities in the updated firmware
Q. What are the possible attacks on IoT devices?
Ans: I am listing out possible attacks on IoT devices:
Physical attacks: These types of attacks are possible only after compromising the physical security of IoT devices. Attackers can temper IoT devices and extract different components, data, and code that reside in them.
Network Attacks: Distributed Denial of Service (DDoS) attacks are the type of network attacks. This attack starves all the resources of IoT devices.
Cloning: The attacker clone the IoT device by using RFID attacks (due to poor authentication) and replaces it with a genuine device.
Encryption attack: The attacker employed side-channel attacks to extract keys of cryptographic algorithms.
Q. What are the activities involved in the security testing of IoT products?
Ans: List of activities involved in security testing of IoT products:
- Threat modeling of IoT product
- Firmware security
- Review of encryption used in IoT product
- Code review
- Privacy review
- Protocol fuzzing
- Network traffic analysis
- API Testing
- Penetration testing
Q. List out some tools used for IoT security.
Ans: Tools used for IoT security as mentioned below:
|Multimeter, Wireshark, Flash Dumper, network bridging, Ubertooth, Split-port adapters, BLE Sniffer, HackRF, JTAGulator
|Wired and Wireless testing
|Binwalk, IDA Pro, Binary Ninja, firmware emulators (QEMU)
|Wireshark, Bettercap, tshark
|Network related vulnerabilities
|Nmap, Masscan, Nessus, Metasploit, IBM AppScan, Netsparker, Burp Suite, ZAP Proxy, SQLMap
|Network and Web Application Testing
Q. Is API Testing required in the testing of IoT devices?
Ans: APIs, short for Application Programming Interfaces, are used to interest different IoT devices with each other. Like any other technology, APIs also have some vulnerabilities. Hence, If APIs are used in the IoT ecosystem, security assessment is very much required.
As per OWASP, below is the list of API Security Top 10 vulnerabilities:
- Broken Object Level Authorization
- Broken User Authentication
- Excessive Data Exposure
- Lack of Resources & Rate Limiting
- Broken Function Level Authorization
- Mass Assignment
- Security Misconfiguration
- Improper Assets Management
- Insufficient Logging & Monitoring
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.