Get Instant Access to ISA-IEC-62443 Practice Exam Questions
Reliable Study Materials & Testing Engine for ISA-IEC-62443 Exam Success!
NEW QUESTION # 32
Which is a role of the application layer?
Available Choices (select all choices that are correct)
- A. Delivers and formats information, possibly with encryption and security
- B. Includes user applications specific to network applications such as email, file transfer, and reading data
registers in a PLC - C. Includes protocols specific to network applications such as email, file transfer, and reading data registers
in a PLC - D. Provides the mechanism for opening, closing, and managing a session between end-user application
processes
Answer: B
NEW QUESTION # 33
What is defined as the hardware and software components of an IACS?
Available Choices (select all choices that are correct)
- A. COTS software and hardware
- B. Control system
- C. Electronic security
- D. Cybersecuritv
Answer: B
NEW QUESTION # 34
Which is a reason for
and physical security regulations meeting a mixed resistance?
Available Choices (select all choices that are correct)
- A. Regulations contain only informative elements.
- B. Cybersecurity risks can best be managed individually and in isolation.
- C. There are a limited number of enforced cybersecurity and physical security regulations.
- D. Regulations are voluntary documents.
Answer: C
NEW QUESTION # 35
What is the FIRST step required in implementing ISO 27001?
Available Choices (select all choices that are correct)
- A. Define an information security policy.
- B. Create a security management organization.
- C. Perform a security risk assessment.
- D. Implement strict security controls.
Answer: B
NEW QUESTION # 36
Which of the following ISA-99 (IEC 62443) Reference Model levels is named correctly?
Available Choices (select all choices that are correct)
- A. Level 1: Supervisory Control
- B. Level 4: Process
- C. Level 2: Quality Control
- D. Level 3: Operations Management
Answer: D
NEW QUESTION # 37
Which of the following is the underlying protocol for Ethernet/IP?
Available Choices (select all choices that are correct)
- A. Common Industrial Protocol
- B. Building Automation and Control Network (BACnet)
- C. Object Linking and Embedding (OLE) for Process Control
- D. Highway Addressable Remote Transducer (HART)
Answer: A
NEW QUESTION # 38
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
- A. People. Processes. Technology, and Training
- B. End-User, Integrator, Vendor, and Regulator
- C. Assessment. Mitigation. Documentation, and Maintenance
- D. General. Policies and Procedures. System, and Component
Answer: D
NEW QUESTION # 39
Which of the following refers to internal rules that govern how an organization protects critical system
resources?
Available Choices (select all choices that are correct)
- A. Security policy
D- Code of conduct - B. Formal guidance
- C. Legislation
Answer: A
NEW QUESTION # 40
Security Levels (SLs) are broken down into which three types?
Available Choices (select all choices that are correct)
- A. Target.capability, and achieved
- B. Target.capacity, and achieved
- C. SL-1, SL-2, and SL-3
- D. Target.capability, and availability
Answer: A
NEW QUESTION # 41
What are the connections between security zones called?
Available Choices (select all choices that are correct)
- A. Firewalls
- B. Conduits
- C. Tunnels
- D. Pathways
Answer: B
NEW QUESTION # 42
Which of the following is an industry sector-specific standard?
Available Choices (select all choices that are correct)
- A. ISA-62443 (EC 62443)
- B. NIST SP800-82
- C. ISO 27001
- D. API 1164
Answer: D
NEW QUESTION # 43
Using the risk matrix below, what is the risk of a medium likelihood event with high consequence?
- A. Option B
- B. Option C
- C. Option A
- D. Option D
Answer: A
NEW QUESTION # 44
What type of security level defines what a component or system is capable of meeting?
Available Choices (select all choices that are correct)
- A. Design security level
- B. Target security level
- C. Capability security level
- D. Achieved security level
Answer: C
NEW QUESTION # 45
Which layer in the Open Systems Interconnection (OSI) model would include the use of the File Transfer
Protocol (FTP)?
Available Choices (select all choices that are correct)
- A. Session layer
- B. Transport layer
- C. Data link layer
- D. Application layer
Answer: D
NEW QUESTION # 46
Which is a common pitfall when initiating a CSMS program?
Available Choices (select all choices that are correct)
- A. Immediate jump into detailed risk assessment
- B. Failure to relate to the mission of the organization
- C. Insufficient documentation due to lack of good follow-up
- D. Organizational lack of communication
Answer: B
NEW QUESTION # 47
Multiuser accounts and shared passwords inherently carry which of the followinq risks?
Available Choices (select all choices that are correct)
- A. Unauthorized access
- B. Privilege escalation
- C. Race conditions
- D. Buffer overflow
Answer: B
NEW QUESTION # 48
Safety management staff are stakeholders of what security program development?
Available Choices (select all choices that are correct)
- A. CSMS
- B. CSA
- C. ERM
- D. SPRP
Answer: A
NEW QUESTION # 49
Which type of cryptographic algorithms requires more than one key?
Available Choices (select all choices that are correct)
- A. Asymmetric (public) key
- B. Stream ciphers
- C. Symmetric (private) key
- D. Block ciphers
Answer: A
NEW QUESTION # 50
Which of the following is a recommended default rule for IACS firewalls?
Available Choices (select all choices that are correct)
- A. Allow traffic directly from the IACS network to the enterprise network.
- B. Allow all traffic by default.
- C. Allow IACS devices to access the Internet.
- D. Block all traffic by default.
Answer: D
NEW QUESTION # 51
What.are the two elements of the risk analysis category of an IACS?
Available Choices (select all choices that are correct)
- A. Business recovery and risk elimination or mitigation
- B. Risk evaluation and risk identification
- C. Business rationale and risk reduction and avoidance
- D. Business rationale and risk identification and classification
Answer: D
NEW QUESTION # 52
Which activity is part of establishing policy, organization, and awareness?
Available Choices (select all choices that are correct)
- A. Establish the risk tolerance.
- B. Identify detailed vulnerabilities.
- C. Communicate policies.
- D. Implement countermeasures.
Answer: C
NEW QUESTION # 53
Which of the following is a cause for the increase in attacks on IACS?
Available Choices (select all choices that are correct)
- A. Use of proprietary communications protocols
- B. Fewer personnel with system knowledge having access to IACS
- C. Knowledge of exploits and tools readily available on the Internet
- D. The move away from commercial off the shelf (COTS) systems, protocols, and networks
Answer: D
NEW QUESTION # 54
Which of the ISA 62443 standards focuses on the process of developing secure products?
Available Choices (select all choices that are correct)
- A. 62443-3-3
- B. 62443-1-1
- C. 62443-3-2
- D. 62443-4-1
Answer: D
NEW QUESTION # 55
......
Validate your Skills with Updated ISA-IEC-62443 Exam Questions & Answers and Test Engine: https://www.vce4dumps.com/ISA-IEC-62443-valid-torrent.html
Tested & Approved ISA-IEC-62443 Study Materials Download: https://drive.google.com/open?id=1wcBB_DybUYPI_8F_k0fQqobDuGc1sxGS