Eccouncil ICS/SCADA Cyber Security ICS-SCADA Exam Questions

Page: 1 / 14
Total 75 questions
Question 1

A Virtual Private Network (VPN) requires how many Security Associations?



Answer : D

A Virtual Private Network (VPN) typically requires two Security Associations (SAs) for a secure communication session. One SA is used for inbound traffic, and the other for outbound traffic.

In the context of IPsec, which is often used to secure VPN connections, these two SAs facilitate the bidirectional secure exchange of packets in a VPN tunnel.

Each SA uniquely defines how traffic should be securely processed, including the encryption and authentication mechanisms. This ensures that data sent in one direction is handled independently from data sent in the opposite direction, maintaining the integrity and confidentiality of both communication streams.

Reference

'Understanding IPSec VPNs,' by Cisco Systems.

'IPsec Security Associations,' RFC 4301, Security Architecture for the Internet Protocol.


Question 2

Which of the IEC 62443 security levels is identified by a hacktivist/terrorist target?



Answer : C

IEC 62443 defines multiple security levels (SLs) tailored to address different types of threats and attackers in industrial control systems.

Security Level 4 (SL4) is designed to protect against sophisticated attacks by adversaries such as hacktivists or terrorists. SL4 involves threats that are targeted with specific intent against the organization, using advanced skills and means.

This level assumes that the adversary is capable of sustained and focused efforts with significant resources, including state-level actors or well-funded groups, aiming at causing widespread disruption or damage.

Reference

IEC 62443-3-3: System security requirements and security levels.

'Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems,' by Eric Knapp.


Question 3

Which of the registrars contains the information for the domain owners in South America?



Answer : C

LACNIC (Latin American and Caribbean Network Information Centre) is the regional Internet registry for Latin America and parts of the Caribbean. It manages the allocation and registration of Internet number resources (such as IP addresses and AS numbers) within this region and maintains the registry of domain owners in South America. Reference:

LACNIC official website, 'About LACNIC'.


Question 4

Which of the following can be used to view entire copies of web sites?



Answer : A

The Wayback Machine is an internet service provided by the Internet Archive that allows users to see archived versions of web pages across time, enabling them to browse past versions of a website as it appeared on specific dates.

It captures and stores snapshots of web pages, making it an invaluable tool for accessing the historical state of a website or recovering content that has since been changed or deleted.

Other options like Google Cache may also show snapshots of web pages, but the Wayback Machine is dedicated to this purpose and holds a vast archive of historical web data.

Reference

Internet Archive: https://archive.org

'Using the Wayback Machine,' Internet Archive Help Center.


Question 5

Which of the following is a component of an IDS?



Answer : A

An Intrusion Detection System (IDS) is designed to monitor network or system activities for malicious activities or policy violations and can perform several functions:

Monitor: Observing network traffic and system activities for unusual or suspicious behavior.

Detect: Identifying potential security breaches including both known threats and unusual activities that could indicate new threats.

Respond: Executing pre-defined actions to address detected threats, which can include alerts or triggering automatic countermeasures. Reference:

Cisco Systems, 'Intrusion Detection Systems'.


Question 6

The NIST SP 800-53 defines how many management controls?



Answer : B

NIST SP 800-53 is a publication that provides a catalog of security and privacy controls for federal information systems and organizations and promotes the development of secure and resilient federal information and information systems.

According to the NIST SP 800-53 Rev. 5, the framework defines a comprehensive set of controls, which are divided into different families. Among these families, there are specifically nine families categorized under management controls. These include categories such as risk assessment, security planning, program management, and others.

Reference

'NIST Special Publication 800-53 (Rev. 5) Security and Privacy Controls for Information Systems and Organizations.'

NIST website: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf


Question 7

Which of the IEC 62443 Security Levels is identified by a cybercrime/hacker target?



Answer : B

IEC 62443 is an international series of standards on Industrial communication networks and system security, specifically related to Industrial Automation and Control Systems (IACS). Within the IEC 62443 standards, Security Level 3 is defined as protection against deliberate or specialized intrusion. It is designed to safeguard against threats from skilled attackers (cybercriminals or hackers) targeting specific processes or operations within the industrial control system. Reference:

International Electrotechnical Commission, 'IEC 62443 Standards'.


Page:    1 / 14   
Total 75 questions