
[2024年01月] 更新されたのはISA ISA-IEC-62443問題集PDFオンラインエンジン
ISA-IEC-62443.PDFで問題解答PDFサンプル問題は信頼され続ける
質問 # 42
Which of the following is an industry sector-specific standard?
Available Choices (select all choices that are correct)
- A. ISA-62443 (EC 62443)
- B. ISO 27001
- C. API 1164
- D. NIST SP800-82
正解:C
質問 # 43
Whose responsibility is it to determine the level of risk an organization is willing to tolerate?
Available Choices (select all choices that are correct)
- A. Management
- B. Safety Department
- C. Operations Department
- D. Legal Department
正解:A
質問 # 44
How many element qroups are in the "Addressinq Risk" CSMS cateqorv?
Available Choices (select all choices that are correct)
- A. 0
- B. 1
- C. 2
- D. 3
正解:B
質問 # 45
Which steps are included in the ISA/IEC 62443 assess phase?
Available Choices (select all choices that are correct)
- A. Cybersecurity requirements specification and allocation of IACS assets to zones and conduits
- B. Cybersecurity requirements specification and detailed cyber risk assessment
- C. Detailed cyber risk assessment and cybersecurity maintenance, monitoring, and management of change
- D. Allocation of IACS assets to zones and conduits, and detailed cyber risk assessment
正解:A
質問 # 46
Within the National Institute of Standards and Technoloqv Cybersecuritv Framework v1.0 (NIST CSF), what
is the status of the ISA 62443 standards?
Available Choices (select all choices that are correct)
- A. They are used as informative references.
- B. They are not used.
- C. They are under consideration for future use.
- D. They are used as normative references.
正解:A
質問 # 47
What is the name of the protocol that implements serial Modbus over Ethernet?
Available Choices (select all choices that are correct)
- A. MODBUS/Ethernet
- B. MODBUS/Plus
- C. MODBUS/CIP
- D. MODBUS/TCP
正解:D
質問 # 48
Which of the following refers to internal rules that govern how an organization protects critical system
resources?
Available Choices (select all choices that are correct)
- A. Legislation
- B. Formal guidance
- C. Security policy
D- Code of conduct
正解:C
質問 # 49
What are three possible entry points (pathways) that could be used for launching a cyber attack?
Available Choices (select all choices that are correct)
- A. LAN, WAN, and hard drive
- B. LAN, portable media, and hard drives
- C. LAN, portable media, and wireless
- D. LAN, power source, and wireless OD.
正解:C
質問 # 50
Which of the following is the underlying protocol for Ethernet/IP?
Available Choices (select all choices that are correct)
- A. Highway Addressable Remote Transducer (HART)
- B. Building Automation and Control Network (BACnet)
- C. Object Linking and Embedding (OLE) for Process Control
- D. Common Industrial Protocol
正解:D
質問 # 51
Which of the following is a trend that has caused a significant percentage of security vulnerabilities?
Available Choices (select all choices that are correct)
- A. IACS using equipment designed for measurement and control
- B. IACS becoming integrated with business and enterprise systems
- C. IACS developing into a network of air-gapped systems
- D. IACS evolving into a number of closed proprietary systems
正解:B
質問 # 52
Which of the following is an example of separation of duties as a part of system development and
maintenance?
Available Choices (select all choices that are correct)
- A. Developers write and then test their own code.
- B. Configuration settings are made by one party and self-reviewed using a checklist.
- C. Design and implementation are performed by the same team.
- D. Changes are approved by one party and implemented by another.
正解:D
質問 # 53
Which is the BEST practice when establishing security zones?
Available Choices (select all choices that are correct)
- A. Security zones should contain assets that share common security requirements.
- B. Security zones should align with physical network segments.
- C. All components in a large or complex system should be in the same security zone.
- D. Assets within the same logical communication network should be in the same security zone.
正解:A
質問 # 54
What are the four main categories for documents in the ISA-62443 (IEC 62443) series?
Available Choices (select all choices that are correct)
- A. People. Processes. Technology, and Training
- B. Assessment. Mitigation. Documentation, and Maintenance
- C. General. Policies and Procedures. System, and Component
- D. End-User, Integrator, Vendor, and Regulator
正解:C
質問 # 55
Which of the following is the BEST example of detection-in-depth best practices?
Available Choices (select all choices that are correct)
- A. Role-based access control and VPNs
- B. IDS sensors deployed within multiple zones in the production environment
- C. Firewalls and unexpected protocols being used
- D. Role-based access control and unusual data transfer patterns
正解:B
質問 # 56
Which is a commonly used protocol for managing secure data transmission on the Internet?
Available Choices (select all choices that are correct)
- A. Datagram Transport Layer Security (DTLS)
- B. Microsoft Point-to-Point Encryption
- C. Secure Sockets Layer
- D. Secure Telnet
正解:C
質問 # 57
In a defense-in-depth strategy, what is the purpose of role-based access control?
Available Choices (select all choices that are correct)
- A. Ensures that users can access only the functions they need for their job
- B. Ensures that users can access only certain devices on the network
- C. Ensures that users can access systems from remote locations
- D. Ensures that users correctly manage their username and password
正解:A
質問 # 58
Which characteristic is MOST closely associated with the deployment of a demilitarized zone (DMZ)?
Available Choices (select all choices that are correct)
- A. Internet access through the firewall is allowed.
- B. Level 0 can only interact with Level 1 through the firewall.
- C. Level 4 systems must use the DMZ to communicate with Level 3 and below.
- D. Email is prevented, thereby mitigating the risk of phishing attempts.
正解:C
質問 # 59
Which of the following is a cause for the increase in attacks on IACS?
Available Choices (select all choices that are correct)
- A. The move away from commercial off the shelf (COTS) systems, protocols, and networks
- B. Knowledge of exploits and tools readily available on the Internet
- C. Fewer personnel with system knowledge having access to IACS
- D. Use of proprietary communications protocols
正解:A
質問 # 60
......
ISA ISA-IEC-62443問題集PDFのベストを目指すなら問題集を使おう 目指そう高得点:https://www.jpntest.com/shiken/ISA-IEC-62443-mondaishu
ISA Cybersecurity ISA-IEC-62443試験と認定テストエンジン:https://drive.google.com/open?id=1llftHPbjkAOx_kicsCCqkwBeDD7tj1zY