• The priority will be to provide an explanation of at least 1 page concerning the security concepts present when IoT devices network and communicate.
  • Provide details for IoT device security: endpoint hardening, protecting against vulnerabilities, encryption and device trust using PKI.
  • Provide details for IoT network security: context aware user authentication/access control, sophisticated password importance, and network and transport layer encryption
• Provide 10 "shall" security requirements associated with the IoT device network communications required for the networking manager to follow when configuring and allowing the IoT devices to communicate on the corporate network. For example, provide at least the depth of the following requirements:

1. "XYZ Corporation shall provide a security layer performing encryption/decryption and ensuring data integrity and privacy"
2. "The XYZ corporate network administrator shall be capable of placing owner controls or restrictions on the kinds of devices that can connect to it."
   1. Identify how the organization can provide audit trails, endpoint anomaly detection and a forensic security capability to ensure a stable security posture.

Notice these are considered Tier 1 requirements and do not need to be testable. All requirements should be clear, and unambiguous. The security discussion and requirements should be applied to the "network" and "device application" levels. For example, clients use DTLS (Datagram Transport Layer Security) at the Application level.

Answer rating: 100% (QA)

1 Some of IoT device security are as follows Security boot is used for making a cryptographical sign... View the full answer