Try Before You Buy

Download a free sample of any of our exam questions and answers

  • 24/7 customer support, Secure shopping site
  • Free One year updates to match real exam scenarios
  • If you failed your exam after buying our products we will refund the full amount back to you.

Get Instant Access to ISA-IEC-62443 Practice Exam Questions [Q32-Q55]

Share

Get Instant Access to ISA-IEC-62443 Practice Exam Questions

Reliable Study Materials & Testing Engine for ISA-IEC-62443 Exam Success!

NEW QUESTION # 32
Which is a role of the application layer?
Available Choices (select all choices that are correct)

  • A. Delivers and formats information, possibly with encryption and security
  • B. Includes user applications specific to network applications such as email, file transfer, and reading data
    registers in a PLC
  • C. Includes protocols specific to network applications such as email, file transfer, and reading data registers
    in a PLC
  • D. Provides the mechanism for opening, closing, and managing a session between end-user application
    processes

Answer: B


NEW QUESTION # 33
What is defined as the hardware and software components of an IACS?
Available Choices (select all choices that are correct)

  • A. COTS software and hardware
  • B. Control system
  • C. Electronic security
  • D. Cybersecuritv

Answer: B


NEW QUESTION # 34
Which is a reason for
and physical security regulations meeting a mixed resistance?
Available Choices (select all choices that are correct)

  • A. Regulations contain only informative elements.
  • B. Cybersecurity risks can best be managed individually and in isolation.
  • C. There are a limited number of enforced cybersecurity and physical security regulations.
  • D. Regulations are voluntary documents.

Answer: C


NEW QUESTION # 35
What is the FIRST step required in implementing ISO 27001?
Available Choices (select all choices that are correct)

  • A. Define an information security policy.
  • B. Create a security management organization.
  • C. Perform a security risk assessment.
  • D. Implement strict security controls.

Answer: B


NEW QUESTION # 36
Which of the following ISA-99 (IEC 62443) Reference Model levels is named correctly?
Available Choices (select all choices that are correct)

  • A. Level 1: Supervisory Control
  • B. Level 4: Process
  • C. Level 2: Quality Control
  • D. Level 3: Operations Management

Answer: D


NEW QUESTION # 37
Which of the following is the underlying protocol for Ethernet/IP?
Available Choices (select all choices that are correct)

  • A. Common Industrial Protocol
  • B. Building Automation and Control Network (BACnet)
  • C. Object Linking and Embedding (OLE) for Process Control
  • D. Highway Addressable Remote Transducer (HART)

Answer: A


NEW QUESTION # 38
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)

  • A. People. Processes. Technology, and Training
  • B. End-User, Integrator, Vendor, and Regulator
  • C. Assessment. Mitigation. Documentation, and Maintenance
  • D. General. Policies and Procedures. System, and Component

Answer: D


NEW QUESTION # 39
Which of the following refers to internal rules that govern how an organization protects critical system
resources?
Available Choices (select all choices that are correct)

  • A. Security policy
    D- Code of conduct
  • B. Formal guidance
  • C. Legislation

Answer: A


NEW QUESTION # 40
Security Levels (SLs) are broken down into which three types?
Available Choices (select all choices that are correct)

  • A. Target.capability, and achieved
  • B. Target.capacity, and achieved
  • C. SL-1, SL-2, and SL-3
  • D. Target.capability, and availability

Answer: A


NEW QUESTION # 41
What are the connections between security zones called?
Available Choices (select all choices that are correct)

  • A. Firewalls
  • B. Conduits
  • C. Tunnels
  • D. Pathways

Answer: B


NEW QUESTION # 42
Which of the following is an industry sector-specific standard?
Available Choices (select all choices that are correct)

  • A. ISA-62443 (EC 62443)
  • B. NIST SP800-82
  • C. ISO 27001
  • D. API 1164

Answer: D


NEW QUESTION # 43
Using the risk matrix below, what is the risk of a medium likelihood event with high consequence?

  • A. Option B
  • B. Option C
  • C. Option A
  • D. Option D

Answer: A


NEW QUESTION # 44
What type of security level defines what a component or system is capable of meeting?
Available Choices (select all choices that are correct)

  • A. Design security level
  • B. Target security level
  • C. Capability security level
  • D. Achieved security level

Answer: C


NEW QUESTION # 45
Which layer in the Open Systems Interconnection (OSI) model would include the use of the File Transfer
Protocol (FTP)?
Available Choices (select all choices that are correct)

  • A. Session layer
  • B. Transport layer
  • C. Data link layer
  • D. Application layer

Answer: D


NEW QUESTION # 46
Which is a common pitfall when initiating a CSMS program?
Available Choices (select all choices that are correct)

  • A. Immediate jump into detailed risk assessment
  • B. Failure to relate to the mission of the organization
  • C. Insufficient documentation due to lack of good follow-up
  • D. Organizational lack of communication

Answer: B


NEW QUESTION # 47
Multiuser accounts and shared passwords inherently carry which of the followinq risks?
Available Choices (select all choices that are correct)

  • A. Unauthorized access
  • B. Privilege escalation
  • C. Race conditions
  • D. Buffer overflow

Answer: B


NEW QUESTION # 48
Safety management staff are stakeholders of what security program development?
Available Choices (select all choices that are correct)

  • A. CSMS
  • B. CSA
  • C. ERM
  • D. SPRP

Answer: A


NEW QUESTION # 49
Which type of cryptographic algorithms requires more than one key?
Available Choices (select all choices that are correct)

  • A. Asymmetric (public) key
  • B. Stream ciphers
  • C. Symmetric (private) key
  • D. Block ciphers

Answer: A


NEW QUESTION # 50
Which of the following is a recommended default rule for IACS firewalls?
Available Choices (select all choices that are correct)

  • A. Allow traffic directly from the IACS network to the enterprise network.
  • B. Allow all traffic by default.
  • C. Allow IACS devices to access the Internet.
  • D. Block all traffic by default.

Answer: D


NEW QUESTION # 51
What.are the two elements of the risk analysis category of an IACS?
Available Choices (select all choices that are correct)

  • A. Business recovery and risk elimination or mitigation
  • B. Risk evaluation and risk identification
  • C. Business rationale and risk reduction and avoidance
  • D. Business rationale and risk identification and classification

Answer: D


NEW QUESTION # 52
Which activity is part of establishing policy, organization, and awareness?
Available Choices (select all choices that are correct)

  • A. Establish the risk tolerance.
  • B. Identify detailed vulnerabilities.
  • C. Communicate policies.
  • D. Implement countermeasures.

Answer: C


NEW QUESTION # 53
Which of the following is a cause for the increase in attacks on IACS?
Available Choices (select all choices that are correct)

  • A. Use of proprietary communications protocols
  • B. Fewer personnel with system knowledge having access to IACS
  • C. Knowledge of exploits and tools readily available on the Internet
  • D. The move away from commercial off the shelf (COTS) systems, protocols, and networks

Answer: D


NEW QUESTION # 54
Which of the ISA 62443 standards focuses on the process of developing secure products?
Available Choices (select all choices that are correct)

  • A. 62443-3-3
  • B. 62443-1-1
  • C. 62443-3-2
  • D. 62443-4-1

Answer: D


NEW QUESTION # 55
......

Validate your Skills with Updated ISA-IEC-62443 Exam Questions & Answers and Test Engine: https://www.vce4dumps.com/ISA-IEC-62443-valid-torrent.html

Tested & Approved ISA-IEC-62443 Study Materials Download: https://drive.google.com/open?id=1wcBB_DybUYPI_8F_k0fQqobDuGc1sxGS