The CIoTSP – CertNexus Certified IoT Security Practitioner training validates that the candidate has the knowledge, skills, and abilities to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats, and effectively monitor IoT devices and respond to incidents.
Successful candidates will hold the CertNexus ITP-110 Certified Internet of Things Practitioner Certification or have knowledge equivalent to that certification.
Lesson 1: Network Architecture
- Analyze and validate designs for secure networks that support IoT devices
- Build and implement network technologies based on a given design.
Lesson 2: Monitoring
- Perform monitoring of network traffic related to IoT devices.
- Perform monitoring of IoT endpoint devices.
- Understand common methods of log collection and security event information.
Lesson 3: Risk Management
- Compare and contrast various threats and classify threat profiles.
- Analyze and identify IoT-specific vulnerabilities given a particular risk scenario, determine the best controls to mitigate or minimize risk.
Lesson 4: Mitigation
- Identify and categorize common control types.
- Implement industry-standard security controls.
- Demonstrate an understanding of common IoT-related secure design considerations.
- Configure appropriate user access controls for IoT devices.
This certification exam is designed for network security engineers and analysts who are tasked with designing secure network environments, implementing security policies and protocols related to IoT devices, and analyzing network systems for operational and security considerations, in addition to the Security Operations Center (SOC) analysts who analyze and respond to security incidents, and develop organizational response processes.
It is also beneficial to solutions architects, developers, and testers who design, develop, and test software solutions for their organizations. This certification is also relevant to operations engineers who deploy and maintain embedded and mission-critical systems and perform an organizational gap analysis.