Uploaded by lancytud1996

ISA-IEC-62443 Cybersecurity Fundamentals Specialist Exam Questions

https://www.passquestion.com/isa-iec-62443.html
1. Which of the following is an element of monitoring and improving a CSMS?
Available Choices (select all choices that are correct)
A. Increase in staff training and security awareness
B. Restricted access to the industrial control system to an as-needed basis
C. Significant changes in identified risk found in periodic reassessments
D. Review of system logs and other key data files
Answer: D
2. Which of the following attacks relies on a human weakness to succeed?
Available Choices (select all choices that are correct)
A. Denial-of-service
B. Phishing
C. Escalation-of-privileges
D. Spoofing
Answer: B
3. What is a feature of an asymmetric key?
Available Choices (select all choices that are correct)
A. Uses a continuous stream
B. Uses different keys
C. Shares the same key
D. Has lower network overhead
Answer: B
4. Which of the following is an example of separation of duties as a part of system development and maintenance?
Available Choices (select all choices that are correct)
A. Changes are approved by one party and implemented by another.
B. Configuration settings are made by one party and self-reviewed using a checklist.
C. Developers write and then test their own code.
D. Design and implementation are performed by the same team.
Answer: A
5. Which is an important difference between IT systems and IACS?
Available Choices (select all choices that are correct)
A. The IACS security priority is integrity.
B. The IT security priority is availability.
C. IACS cybersecurity must address safety issues.
D. Routers are not used in IACS networks.
Answer: C
6. What is the name of the missing layer in the Open Systems Interconnection (OSI) model shown below?
A. Control
B. Protocol
C. Transport
D. User
Answer: C
7. What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
A. General, Policies and Procedures, System, and Component
B. End-User, Integrator, Vendor, and Regulator
C. Assessment, Mitigation, Documentation, and Maintenance
D. People, Processes, Technology, and Training
Answer: A
8. Safety management staff are stakeholders of what security program development?
Available Choices (select all choices that are correct)
A. CSMS
B. SPRP
C. CSA
D. ERM
Answer: A
9. What does the abbreviation CSMS found in ISA 62443-2-1 represent?
Available Choices (select all choices that are correct)
A. Control System Management System
B. Control System Monitoring System
C. Cyber Security Management System
D. Cyber Security Monitoring System
Answer: C
10. Which organization manages the ISASecure conformance certification program?
Available Choices (select all choices that are correct)
A. American Society for Industrial Security
B. Automation Federation
C. National Institute of Standards and Technology
D. Security Compliance Institute
Answer: D
11. Which is the PRIMARY objective when defining a security zone?
Available Choices (select all choices that are correct)
A. All assets in the zone must be from the same vendor.
B. All assets in the zone must share the same security requirements.
C. All assets in the zone must be at the same level in the Purdue model.
D. All assets in the zone must be physically located in the same area.
Answer: B
12. Which layer in the Open Systems Interconnection (OSI) model would include the use of the File Transfer Protocol (FTP)?
Available Choices (select all choices that are correct)
A. Application layer
B. Data link layer
C. Session layer
D. Transport layer
Answer: A
13. Authorization (user accounts) must be granted based on which of the following?
Available Choices (select all choices that are correct)
A. Individual preferences
B. Common needs for large groups
C. Specific roles
D. System complexity
Answer: C
14. Which of the following is the BEST example of detection-in-depth best practices?
Available Choices (select all choices that are correct)
A. Firewalls and unexpected protocols being used
B. IDS sensors deployed within multiple zones in the production environment
C. Role-based access control and unusual data transfer patterns
D. Role-based access control and VPNs
Answer: B