Certified Internet of Things Security Practitioner (CIoTSP™) Training Course

Lesson 1: Managing IoT Risks

• Topic A: Map the IoT Attack Surface
• Topic B: Build in Security by Design

Lesson 2: Securing Web and Cloud Interfaces

• Topic A: Identify Threats to IoT Web and Cloud Interfaces
• Topic B: Prevent Injection Flaws
• Topic C: Prevent Session Management Flaws
• Topic D: Prevent Cross-Site Scripting Flaws
• Topic E: Prevent Cross-Site Request Forgery Flaws
• Topic F: Prevent Unvalidated Redirects and Forwards

Lesson 3: Securing Data

• Topic A: Use Cryptography Appropriately
• Topic B: Protect Data in Motion
• Topic C: Protect Data at Rest
• Topic D: Protect Data in Use

Lesson 4: Controlling Access to IoT Resources

• Topic A: Identify the Need to Protect IoT Resources
• Topic B: Implement Secure Authentication
• Topic C: Implement Secure Authorization
• Topic D: Implement Security Monitoring on IoT Systems

Lesson 5: Securing IoT Networks

• Topic A: Ensure the Security of IP Networks
• Topic B: Ensure the Security of Wireless Networks
• Topic C: Ensure the Security of Mobile Networks
• Topic D: Ensure the Security of IoT Edge Networks

Lesson 6: Ensuring Privacy

• Topic A: Improve Data Collection to Reduce Privacy Concerns
• Topic B: Protect Sensitive Data
• Topic C: Dispose of Sensitive Data

Lesson 7: Managing Software and Firmware Risks

• Topic A: Manage General Software Risks
• Topic B: Manage Risks Related to Software Installation and Configuration
• Topic C: Manage Risks Related to Software Patches and Updates
• Topic D: Manage Risks Related to IoT Device Operating Systems and Firmware

Lesson 8: Promoting Physical Security

• Topic A: Protect Local Memory and Storage
• Topic B: Prevent Physical Port Access