Authorization (user accounts) must be granted based on which of the following?
Available Choices (select all choices that are correct)
A. Individual preferences
B. Common needs for large groups
C. Specific roles
D. System complexity
Answer: C

Which is one of the PRIMARY goals of providing a framework addressing secure product development life-cycle requirements?
Available Choices (select all choices that are correct)
A. Aligned development process
B. Aligned needs of industrial users
C. Well-documented security policies and procedures
D. Defense-in-depth approach to designing
Answer: D

What does the abbreviation CSMS found in ISA 62443-2-1 represent?
Available Choices (select all choices that are correct)
A. Control System Management System
B. Control System Monitoring System
C. Cyber Security Management System
D. Cyber Security Monitoring System
Answer: C

Which of the following is an industry sector-specific standard?
Available Choices (select all choices that are correct)
A. ISA-62443 (IEC 62443)
B. NIST SP800-82
C. API 1164
D. ISO 27001
Answer: C

Why is patch management more difficult for IACS than for business systems?
Available Choices (select all choices that are correct)
A. Overtime pay is required for technicians.
B. Many more approvals are required.
C. Patching a live automation system can create safety risks.
D. Business systems automatically update.
Answer: C

Which layer in the Open Systems Interconnection (OSI) model would include the use of the File Transfer Protocol (FTP)?
Available Choices (select all choices that are correct)
A. Application layer
B. Data link layer
C. Session layer
D. Transport layer
Answer: A

Which of the following is an element of monitoring and improving a CSMS?
Available Choices (select all choices that are correct)
A. Increase in staff training and security awareness
B. Restricted access to the industrial control system to an as-needed basis
C. Significant changes in identified risk found in periodic...

Which is a reason for and physical security regulations meeting a mixed resistance?
Available Choices (select all choices that are correct)
A. Regulations are voluntary documents.
B. Regulations contain only informative elements.
C. Cybersecurity risks can best be managed individually and in isolation.
D. There are a limited number of...

Which of the following is the BEST example of detection-in-depth best practices?
Available Choices (select all choices that are correct)
A. Firewalls and unexpected protocols being used
B. IDS sensors deployed within multiple zones in the production environment
C. Role-based access control and unusual data transfer patterns
D. Role-based access...

Which of the following is an example of separation of duties as a part of system development and maintenance?
Available Choices (select all choices that are correct)
A. Changes are approved by one party and implemented by another.
B. Configuration settings are made by one party and self-reviewed using a...