Practice Free ISA-IEC-62443 Exam Online Questions
After receiving an approved patch from the IACS vendor, what is BEST practice for the asset owner to follow?
Available Choices (select all choices that are correct)
- A . If a low priority, there is no need to apply the patch.
- B . If a medium priority, schedule the installation within three months after receipt.
- C . If a high priority, apply the patch at the first unscheduled outage.
- D . If no problems are experienced with the current IACS, it is not necessary to apply the patch.
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
- A . General, Policies and Procedures, System, and Component
- B . End-User, Integrator, Vendor, and Regulator
- C . Assessment, Mitigation, Documentation, and Maintenance
- D . People, Processes, Technology, and Training
In an IACS system, a typical security conduit consists of which of the following assets?
Available Choices (select all choices that are correct)
- A . Controllers, sensors, transmitters, and final control elements
- B . Wiring, routers, switches, and network management devices
- C . Ferrous, thick wall, and threaded conduit including raceways
- D . Power lines, cabinet enclosures, and protective grounds
Which of the following attacks relies on a human weakness to succeed?
Available Choices (select all choices that are correct)
- A . Denial-of-service
- B . Phishing
- C . Escalation-of-privileges
- D . Spoofing
Why is OPC Classic considered firewall unfriendly?
Available Choices (select all choices that are correct)
- A . OPC Classic uses DCOM, which dynamically assigns any port between 1024 and 65535.
- B . OPC Classic is allowed to use only port 80.
- C . OPC Classic works with control devices from different manufacturers.
- D . OPC Classic is an obsolete communication standard.
Which analysis method is MOST frequently used as an input to a security risk assessment?
Available Choices (select all choices that are correct)
- A . Failure Mode and Effects Analysis
- B . Job Safety Analysis (JSA)
- C . Process Hazard Analysis (PHA)
- D . System Safety Analysis (SSA)
Who must be included in a training and security awareness program?
Available Choices (select all choices that are correct)
- A . Vendors and suppliers
- B . Employees
- C . All personnel
- D . Temporary staff
Which service does an Intrusion Detection System (IDS) provide?
Available Choices (select all choices that are correct)
- A . It is the lock on the door for networks and computer systems.
- B . It is effective against all vulnerabilities in networks and computer systems.
- C . It blocks malicious activity in networks and computer systems.
- D . It detects attempts to break into or misuse a computer system.
Which of the following tools has the potential for serious disruption of a control network and should not be used on a live system?
Available Choices (select all choices that are correct)
- A . Remote desktop
- B . Vulnerability scanner
- C . FTP
- D . Web browser
Which of the ISA 62443 standards focuses on the process of developing secure products?
Available Choices (select all choices that are correct)
- A . 62443-1-1
- B . 62443-3-2
- C . 62443-3-3
- D . 62443-4-1