ICS Standards and Frameworks Quiz

Questions and Answers

What is the most important set of standards mentioned in the text?

NIST Cybersecurity Framework

IEC 62443 (correct)

Fortinet reference architecture

Network components and software applications

Which organization built its reference architecture around the cybersecurity standard of multi-industry (IEC 62443)?

Fortinet (correct)

Train operators

NIST

Utilities

What does the NIST Cybersecurity Framework provide guidance on?

Physical security of assets

Computer security (correct)

Preventing natural disasters

Network security

What does the IEC 62443 standard focus on?

Cybersecurity protection methods and techniques

What does the NIST cybersecurity framework integrate?

Industry standards and best practices

What does the NIST Cybersecurity Framework help organizations understand?

Cybersecurity risks

What does the IEC 62443 standard define?

Levels of cybersecurity capabilities

Who are the asset owners regulated by in terms of compliance to several standards?

Institutions, agencies, and regulators

What is the NIST Cybersecurity Framework designed to help organizations manage?

Cybersecurity risks

What is the IEC 62443 standard specific to?

O.T security

What does the NIST Cybersecurity Framework help organizations improve?

Ability to prevent, detect, and respond to cyber attacks

What is the purpose of defining security levels (SL) according to IEC 62443 standard?

To determine the level of security a device should have based on its place in the system

What is the highest security level (SL) in the IEC 62443 standard?

Level 4: An intentional attack with extensive resources

What should be done if devices inside a zone cannot meet the corresponding security level (SL) target according to IEC 62443 standard?

Plan countermeasures to help reach the SL target

What are the types of countermeasures that can help reach the security level (SL) target in a zone according to IEC 62443 standard?

Technical, administrative, and physical

What does the Purdue Model traditionally segment O.T based on?

Operational needs: use, flexibility, availability of physical processes, and safety

Where are the critical physical assets placed on the physical plant floor according to the Purdue Model?

In control area zones

What elements are included in the control area zones on the plant floor according to the Purdue Model?

Process automation elements, servers, PLCs, RTUs, and IEDs

Where can shared services, management and analytics, historians, and data shared between O.T and I.T be found according to the Purdue Model?

In the operations and control zone

Where does traditional I.T reside and connect with the external internet according to the Purdue Model?

In the enterprise zone

What are the types of devices placed in the operations and control zone according to the Purdue Model?

Servers, engineering workstations, operator workstations

What does the enterprise zone connect with according to the Purdue Model?

The external internet

What is the purpose of defining security levels in the IEC 62443 standard?

To determine the level of security a device should have based on its place in the system

What is the highest security level in the IEC 62443 standard?

Level 4: An intentional attack with extensive resources

What should be done if the devices inside a zone cannot meet the corresponding security level?

Plan countermeasures to help reach the security level target

What are the three types of countermeasures mentioned in the text to reach the security level target?

Technical, administrative, physical

Which zone in the Purdue Model consists of servers, engineering workstations, and operator workstations?

Operations and control zone

Where are the critical physical assets typically placed in the Purdue Model?

On the physical plant floor

What are the components of the control area zones in the Purdue Model?

Process automation elements, servers, PLCs, RTUs, and IEDs

Where does the enterprise zone in the Purdue Model connect with the external internet?

Enterprise zone

What is the purpose of the DMZ in the Purdue Model?

To host shared services, management and analytics, historians, and data shared between O.T and I.T

Which zone in the Purdue Model is broken up into control area zones?

Operations and control zone

What are the critical physical assets equipped with on the plant floor in the Purdue Model?

Sensors (I-IoT)

Study Notes

Cybersecurity Standards

• The most important set of standards mentioned in the text is IEC 62443, a multi-industry cybersecurity standard.

NIST Cybersecurity Framework

• Provides guidance on managing and reducing cybersecurity risk.
• Integrates industry standards and best practices to manage cybersecurity risk.
• Helps organizations understand and manage cybersecurity risk.

IEC 62443 Standard

• Focuses on Industrial Automation and Control Systems (IACS) cybersecurity.
• Defines the security levels (SL) in four categories: SL 0 to SL 4, with SL 4 being the highest.
• The purpose of defining security levels is to ensure devices in a zone meet the corresponding security level target.

Purdue Model

• Traditionally segments O.T. into six zones: enterprise, demographics, manufacturing, control, supervisory, and peripherals.
• Critical physical assets are placed on the physical plant floor in the manufacturing zone.
• Control area zones on the plant floor include sensors, actuators, and other devices.
• Shared services, management, analytics, historians, and data shared between O.T and I.T. are found in the demographics zone.
• Traditional I.T. resides and connects with the external internet in the enterprise zone.
• Devices in the operations and control zone include RTUs, PLCs, and HMIs.
• The enterprise zone connects with the external internet.

Security Measures

• If devices inside a zone cannot meet the corresponding security level target, additional countermeasures should be implemented.
• Three types of countermeasures mentioned to reach the security level target are: avoid, transfer, and mitigate.

Description

Test your knowledge of ICS standards and frameworks with this quiz. Explore the most important standards and guidelines that regulate asset owners such as utilities and train operators. Build your expertise in compliance by identifying the critically important set of standards and their key components.