Which is a common pitfall when initiating a CSMS program?
Available Choices (select all choices that are correct)
A. Organizational lack of communication
B. Failure to relate to the mission of the organization
C. Insufficient documentation due to lack of good follow-up
D. Immediate jump into detailed risk assessment
Which of the following is an element of monitoring and improving a CSMS?
Available Choices (select all choices that are correct)
A. Increase in staff training and security awareness
B. Restricted access to the industrial control system to an as-needed basis
C. Significant changes in identified risk round in periodic reassessments
D. Review of system logs and other key data files
Which statement is TRUE reqardinq application of patches in an IACS environment?
Available Choices (select all choices that are correct)
A. Patches should be applied as soon as they are available.
B. Patches should be applied within one month of availability.
C. Patches never should be applied in an IACS environment.
D. Patches should be applied based on the organization's risk assessment.
The Risk Analysis category contains background information that is used where?
Available Choices (select all choices that are correct)
A. Many other elements in the CSMS
B. (Elements external to the CSMS
C. Only the Assessment element
D. Only the Risk ID element
At Layer 4 of the Open Systems Interconnection (OSI) model, what identifies the application that will handle a packet inside a host?
Available Choices (select all choices that are correct)
A. ATCP/UDP application ID
B. A TCP/UDP host ID
C. ATCP/UDP port number
D. ATCP/UDP registry number
Which is the PRIMARY objective when defining a security zone?
Available Choices (select all choices that are correct)
A. All assets in the zone must be from the same vendor.
B. All assets in the zone must share the same security requirements.
C. All assets in the zone must be at the same level in the Purdue model.
D. All assets in the zone must be physically located in the same area.
What is a commonly used protocol for managing secure data transmission over a Virtual Private Network (VPN)?
Available Choices (select all choices that are correct)
A. HTTPS
B. IPSec
C. MPLS
D. SSH
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
A. General. Policies and Procedures. System, and Component
B. End-User, Integrator, Vendor, and Regulator
C. Assessment. Mitigation. Documentation, and Maintenance
D. People. Processes. Technology, and Training
Which steps are included in the ISA/IEC 62443 assess phase?
Available Choices (select all choices that are correct)
A. Cybersecurity requirements specification and detailed cyber risk assessment
B. Cybersecurity requirements specification and allocation of IACS assets to zones and conduits
C. Detailed cyber risk assessment and cybersecurity maintenance, monitoring, and management of change
D. Allocation of IACS assets to zones and conduits, and detailed cyber risk assessment
In a defense-in-depth strategy, what is the purpose of role-based access control?
Available Choices (select all choices that are correct)
A. Ensures that users can access systems from remote locations
B. Ensures that users can access only certain devices on the network
C. Ensures that users can access only the functions they need for their job
D. Ensures that users correctly manage their username and password