Lesson 1: Managing IoT Risks
Topic A: Map the IoT Attack Surface
Topic B: Build in Security by Design
Lesson 2: Securing Web and Cloud Interfaces
Topic A: Identify Threats to IoT Web and Cloud Interfaces
Topic B: Prevent Injection Flaws
Topic C: Prevent Session Management Flaws
Topic D: Prevent Cross-Site Scripting Flaws
Topic E: Prevent Cross-Site Request Forgery Flaws
Topic F: Prevent Unvalidated Redirects and Forwards
Lesson 3: Securing Data
Topic A: Use Cryptography Appropriately
Topic B: Protect Data in Motion
Topic C: Protect Data at Rest
Topic D: Protect Data in Use
Lesson 4: Controlling Access to IoT Resources
Topic A: Identify the Need to Protect IoT Resources
Topic B: Implement Secure Authentication
Topic C: Implement Secure Authorization
Topic D: Implement Security Monitoring on IoT Systems
Lesson 5: Securing IoT Networks
Topic A: Ensure the Security of IP Networks
Topic B: Ensure the Security of Wireless Networks
Topic C: Ensure the Security of Mobile Networks
Topic D: Ensure the Security of IoT Edge Networks
Lesson 6: Ensuring Privacy
Topic A: Improve Data Collection to Reduce Privacy Concerns
Topic B: Protect Sensitive Data
Topic C: Dispose of Sensitive Data
Lesson 7: Managing Software and Firmware Risks
Topic A: Manage General Software Risks
Topic B: Manage Risks Related to Software Installation and Configuration
Topic C: Manage Risks Related to Software Patches and Updates
Lesson 8: Promoting Physical Security
Topic A: Protect Local Memory and Storage
Topic B: Prevent Physical Port Access