microIC33 - IACS Cybersecurity Lifecycle Quiz

Questions and Answers

What is the purpose of the 'Assess' phase in the IACS security lifecycle?

Maintenance, monitoring, and management of change

Conduct detailed risk assessment (correct)

Design and engineering of cybersecurity countermeasures

Cybersecurity requirement specification

Which level of the Purdue enterprise reference architecture is associated with MEM/MOMS systems?

Level 0

Level 4

Level 5

Level 3 (correct)

In the 'Implement and design' phase, what task involves the installation, commissioning, and validation of countermeasures?

Incident response and recovery

Design and engineering of cybersecurity countermeasures (correct)

Maintenance, monitoring, and management of change

Cybersecurity requirement specification

Which component is NOT part of the scope preparation for an assessment as mentioned in the text?

Switch port assignment

What are some of the continuous processes mentioned in terms of cybersecurity management system?

Training and awareness

What type of devices should be included in the Asset Inventory Hardware?

Automation devices with Routable serial protocol

Which tool is NOT listed under Software Asset Management (SAM) tools?

Vulnerability scanning toolkit (VST)

What does 'Cyber risk' in the context of cybersecurity consist of?

Threat, vulnerability, and consequences

Which of the following is a tool used for Active vulnerability assessment?

Nessus

What is the purpose of a Gap assessment in the context of IACS cybersecurity vulnerability assessment?

To identify standards and compare documented information