
素晴らしいISA-IEC-62443試験問題集試そうISA-IEC-62443問題集PDF
ISA-IEC-62443問題集PDFでISA-IEC-62443リアル試験問題解答
質問 # 30
Safety management staff are stakeholders of what security program development?
Available Choices (select all choices that are correct)
- A. CSA
- B. CSMS
- C. SPRP
- D. ERM
正解:B
質問 # 31
Which of the following refers to internal rules that govern how an organization protects critical system
resources?
Available Choices (select all choices that are correct)
- A. Security policy
D- Code of conduct - B. Legislation
- C. Formal guidance
正解:A
質問 # 32
Which of the following attacks relies on a human weakness to succeed?
Available Choices (select all choices that are correct)
- A. Phishing
- B. Escalation-of-privileges
- C. Denial-of-service
- D. Spoofing
正解:A
質問 # 33
How many security levels are in the ISASecure certification program?
Available Choices (select all choices that are correct)
- A. 0
- B. 1
- C. 2
- D. 3
正解:C
質問 # 34
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
- A. End-User, Integrator, Vendor, and Regulator
- B. People. Processes. Technology, and Training
- C. Assessment. Mitigation. Documentation, and Maintenance
- D. General. Policies and Procedures. System, and Component
正解:D
質問 # 35
Which is the PRIMARY responsibility of the network layer of the Open Systems Interconnection (OSI)
model?
Available Choices (select all choices that are correct)
- A. Handles the physics of getting a message from one device to another
- B. Forwards packets, including routing through intermediate routers
- C. Gives transparent transfer of data between end users
- D. Provides the rules for framing, converting electrical signals to data
正解:B
質問 # 36
At Layer 4 of the Open Systems Interconnection (OSI) model, what identifies the application that will handle a
packet inside a host?
Available Choices (select all choices that are correct)
- A. A TCP/UDP host ID
- B. ATCP/UDP application ID
- C. ATCP/UDP registry number
- D. ATCP/UDP port number
正解:D
質問 # 37
Within the National Institute of Standards and Technoloqv Cybersecuritv Framework v1.0 (NIST CSF), what
is the status of the ISA 62443 standards?
Available Choices (select all choices that are correct)
- A. They are used as normative references.
- B. They are used as informative references.
- C. They are not used.
- D. They are under consideration for future use.
正解:B
質問 # 38
What is the name of the protocol that implements serial Modbus over Ethernet?
Available Choices (select all choices that are correct)
- A. MODBUS/TCP
- B. MODBUS/Plus
- C. MODBUS/CIP
- D. MODBUS/Ethernet
正解:A
質問 # 39
Which is the PRIMARY reason why Modbus over Ethernet is easy to manaqe in a firewall?
Available Choices (select all choices that are correct)
- A. Modbus is a proprietary protocol that is widely supported by vendors.
- B. Modbus has no known security vulnerabilities, so firewall rules are simple to implement.
- C. Modbus uses a single master to communicate with multiple slaves usinq simple commands.
- D. Modbus uses explicit source and destination IP addresses and a sinqle known TCP port.
正解:D
質問 # 40
The Risk Analysis category contains background information that is used where?
Available Choices (select all choices that are correct)
- A. Only the Assessment element
- B. Many other elements in the CSMS
- C. Only the Risk ID element
- D. (Elements external to the CSMS
正解:C
質問 # 41
Which layer specifies the rules for Modbus Application Protocol
Available Choices (select all choices that are correct)
- A. Application layer
- B. Presentation layer
- C. Data link layer
- D. Session layer
正解:A
質問 # 42
What.are the two elements of the risk analysis category of an IACS?
Available Choices (select all choices that are correct)
- A. Business rationale and risk reduction and avoidance
- B. Business rationale and risk identification and classification
- C. Business recovery and risk elimination or mitigation
- D. Risk evaluation and risk identification
正解:B
質問 # 43
Which is the BEST practice when establishing security zones?
Available Choices (select all choices that are correct)
- A. Security zones should align with physical network segments.
- B. All components in a large or complex system should be in the same security zone.
- C. Security zones should contain assets that share common security requirements.
- D. Assets within the same logical communication network should be in the same security zone.
正解:C
質問 # 44
Which of the following is the BEST example of detection-in-depth best practices?
Available Choices (select all choices that are correct)
- A. IDS sensors deployed within multiple zones in the production environment
- B. Role-based access control and VPNs
- C. Firewalls and unexpected protocols being used
- D. Role-based access control and unusual data transfer patterns
正解:A
質問 # 45
Which type of cryptographic algorithms requires more than one key?
Available Choices (select all choices that are correct)
- A. Symmetric (private) key
- B. Block ciphers
- C. Stream ciphers
- D. Asymmetric (public) key
正解:D
質問 # 46
Which analysis method is MOST frequently used as an input to a security risk assessment?
Available Choices (select all choices that are correct)
- A. Job Safety Analysis(JSA)
- B. System Safety Analysis(SSA)
- C. Process Hazard Analysis (PHA)
- D. Failure Mode and Effects Analysis
正解:C
質問 # 47
Which of the following can be employed as a barrier device in a segmented network?
Available Choices (select all choices that are correct)
- A. Domain controller
- B. Unmanaged switch
- C. VPN
- D. Router
正解:D
質問 # 48
Which is the implementation of PROFIBUS over Ethernet for non-safetv-related communications?
Available Choices (select all choices that are correct)
- A. PROFIBUS PA
- B. PROF1SAFE
- C. PROFINET
- D. PROFIBUS DP
正解:C
質問 # 49
Which is one of the PRIMARY goals of providing a framework addressing secure product development
life-cycle requirements?
Available Choices (select all choices that are correct)
- A. Well-documented security policies and procedures
- B. Aligned development process
- C. Aligned needs of industrial users
- D. Defense-in-depth approach to designing
正解:D
質問 # 50
What does Layer 1 of the ISO/OSI protocol stack provide?
Available Choices (select all choices that are correct)
- A. User applications specific to network applications such as reading data registers in a PLC
- B. The electrical and physical specifications of the data connection
- C. Data encryption, routing, and end-to-end connectivity
- D. Framing, converting electrical signals to data, and error checking
正解:B
質問 # 51
Which is a commonly used protocol for managing secure data transmission on the Internet?
Available Choices (select all choices that are correct)
- A. Secure Sockets Layer
- B. Datagram Transport Layer Security (DTLS)
- C. Microsoft Point-to-Point Encryption
- D. Secure Telnet
正解:A
質問 # 52
What do packet filter firewalls examine?
Available Choices (select all choices that are correct)
- A. Only the source, destination, and ports in the header of each packet
- B. Every incoming packet up to the application layer
- C. The packet structure and sequence
- D. The relationships between packets in a session
正解:A
質問 # 53
......
有効なISA-IEC-62443テスト解答とISA ISA-IEC-62443試験PDF:https://www.jpntest.com/shiken/ISA-IEC-62443-mondaishu
実際に出るISA-IEC-62443試験問題集には正確で更新された問題:https://drive.google.com/open?id=1llftHPbjkAOx_kicsCCqkwBeDD7tj1zY