ISA-IEC-62443 시험 - ISA실제시험문제와 답 - 88문항

Question No : 1

Which communications system covers a large geographic area?
Available Choices (select all choices that are correct)

A.Campus Area Network (CAN)
B.Local Area Network (LAN)
C.Storage Area Network
D.Wide Area Network (WAN)

정답:

Question No : 2

Which of the following is a recommended default rule for IACS firewalls?
Available Choices (select all choices that are correct)

A.Allow all traffic by default.
B.Allow IACS devices to access the Internet.
C.Allow traffic directly from the IACS network to the enterprise network.
D.Block all traffic by default.

정답:

Question No : 3

Which is a physical layer standard for serial communications between two or more devices?
Available Choices (select all choices that are correct)

A.RS232
B.RS235
C.RS432
D.RS435

정답:

Question No : 4

Using the risk matrix below, what is the risk of a medium likelihood event with high consequence?

A.Option A
B.Option B
C.Option C
D.Option D

정답:

Question No : 5

Which of the following is an industry sector-specific standard?
Available Choices (select all choices that are correct)

A.ISA-62443 (EC 62443)
B.NIST SP800-82
C.API 1164
D.ISO 27001

정답:

Question No : 6

Which is a PRIMARY reason why network security is important in IACS environments?
Available Choices (select all choices that are correct)

A.PLCs are inherently unreliable.
B.PLCs are programmed using ladder logic.
C.PLCs use serial or Ethernet communications methods.
D.PLCs under cyber attack can have costly and dangerous impacts.

정답:

Question No : 7

How many element qroups are in the "Addressinq Risk" CSMS cateqorv?
Available Choices (select all choices that are correct)

A.2
B.3
C.4
D.5

정답:

Question No : 8

Which is a reason for and physical security regulations meeting a mixed resistance?
Available Choices (select all choices that are correct)

A.Regulations are voluntary documents.
B.Regulations contain only informative elements.
C.Cybersecurity risks can best be managed individually and in isolation.
D.There are a limited number of enforced cybersecurity and physical security regulations.

정답:

Question No : 9

Why is patch management more difficult for IACS than for business systems?
Available Choices (select all choices that are correct)

A.Overtime pay is required for technicians.
B.Many more approvals are required.
C.Patching a live automation system can create safety risks.
D.Business systems automatically update.

정답:

Question No : 10

Which activity is part of establishing policy, organization, and awareness?
Available Choices (select all choices that are correct)

A.Communicate policies.
B.Establish the risk tolerance.
C.Identify detailed vulnerabilities.
D.Implement countermeasures.

정답:

Question No : 11

Which is one of the PRIMARY goals of providing a framework addressing secure product development life-cycle requirements?
Available Choices (select all choices that are correct)

A.Aligned development process
B.Aligned needs of industrial users
C.Well-documented security policies and procedures
D.Defense-in-depth approach to designing

정답:

Question No : 12

Security Levels (SLs) are broken down into which three types?
Available Choices (select all choices that are correct)

A.SL-1, SL-2, and SL-3
B.Target.capability, and achieved
C.Target.capability, and availability
D.Target.capacity, and achieved

정답:

Question No : 13

Which of the following is an activity that should trigger a review of the CSMS?
Available Choices (select all choices that are correct)

A.Budgeting
B.New technical controls
C.Organizational restructuring
D.Security incident exposing previously unknown risk.

정답:

Question No : 14

What is a commonly used protocol for managing secure data transmission over a Virtual Private Network (VPN)?
Available Choices (select all choices that are correct)

A.HTTPS
B.IPSec
C.MPLS
D.SSH

정답:

Question No : 15

Which analysis method is MOST frequently used as an input to a security risk assessment?
Available Choices (select all choices that are correct)

A.Failure Mode and Effects Analysis
B.Job Safety Analysis
C.Process Hazard Analysis (PHA)
D.System Safety Analysis(SSA)

정답:

ISA ISA-IEC-62443 시험