Facility Security

Question 1

What is a CAN in Facility Security?

Answer 1

Controller Area Network. Digital Serial Communications network within vehicles

Question 2

What is the primary interface for a CAN in a vehicle

Answer 2

ODB-II (on-board diagnostics)

Question 3

What are the security concerns with CANs

Answer 3

There is no concept of source addressing or message authentication in a CAN bus

Question 4

How can CAN busses be exploited

Answer 4

Attach an exploit to the OBD-11 bus
Exploit onboard cellular connection
Exploit over wifi

Question 5

What is IOT

Answer 5

A group of objects, electronic or not, that are connected to the wider internet using embedded electronic components

Question 6

What is the typical OS for most smart devices

Answer 6

An embedded version of linux or Android

Question 7

What should occur when vulnerabilities for smart devices are identified?

Answer 7

Efforts must be taken to patch vulnerabilities

Question 8

What is an embedded system

Answer 8

Computer system designed to perform a specific or dedicated function.

Question 9

What are some of the security concerns with embedded systems

Answer 9

They are considered state environments where frequesnt changes are not made or allowed.

They often have very little support for finding and correcting security vulnerabilities.

Question 10

What is a PLC

Answer 10

Programmable Logic Controllers are a type of computer that are designed for industrial or outdoor settings

They can automate and monitor mechanical systems.

Question 11

Can PLC Firmware be patched or reprogrammed?

Answer 11

Yes, the firmware can be patched and reprogrammed

Question 12

What is a SoC

Answer 12

System on a chip is processor that integrates the platform functionality of multiple logical controllers onto a single chip.

Combines PLCs into a single chip

Question 13

Are SoCs power efficient?

Answer 13

yes, when used with an embedded system, SoCs are power efficient

Question 14

What is an RTOS

Answer 14

A Real Time Operating System is an OS that prioritizes deterministic executions of operations to ensure consistent response for time critical tasks.

Question 15

What are some operational concerns with Embedded Systems

Answer 15

They typically cannot tolerate reboots or crashes

and must have response times that are predictable within microseconds.

Question 16

What is an FPGA

Answer 16

A Field Programmable Gate Array is a processor that con be programed to perform a specific function by a customer rather then being programmed at the time of manufacture.

Question 17

Can SoCs be reprogrammed?

Answer 17

No, once they are programmed, they cannot be over written/

Question 18

What is a benefit of a FPGA

Answer 18

They allow customers to configure the programming logic to run a specific application instead of using ASIC ( Application Specific Integrated Circuits)

Question 19

What is OT

Answer 19

Operational Technology communication network designed to implement an ICS (Industrial Control System) rather than a data networking system

Question 20

Describe an ICS

Answer 20

Industrial Control Systems prioritize Availability and Integrity over security over confidentiality.

It is a network that manages embedded devices

Makes use of Field Bus for its communication protocol.

Powers things such as Water supplies, manufacturing

Question 21

What is FieldBus

Answer 21

Digital Serial Data communications used in OT networks to link PLCs

Question 22

What is an HMI

Answer 22

Human Machine interfaces are an I/O panel that allows users to configure and moniutor the system

Question 23

Describe how an ICS system works

Answer 23

ICS manages the process automation by linking together PLCs using a fieldbus to make changes in the physical world.

Question 24

What is a Data Historian

Answer 24

Software that aggregates and catalogues data from multiple sources wihtin an ICS

Question 25

What is SCADA

Answer 25

Supervisory Control and Data Acquisition

Type of ICS that manages large scale, multiple site devices and equipment over a large area.

Question 26

How does SCADA fit into an organization

Answer 26

Typically ran as software on an ordinary computer.

It gathers data from and manages plant devices and equipment with embedded PLCs that are connected over a WAN

Question 27

What is ModBus

Answer 27

Communications protocol used in OR networks.

OT does not use TCP/IP Stack, it uses ModBus.

Question 28

What does ModBus do

Answer 28

It gives control servers and SCADA hosts the ability to query and change the configuration of PLCs

Question 29

What are the four steps to mitigating vulnerabilities for specialized systems as outlined by the NIST

Answer 29

1. Establish administrative control over OT networks by recruiting staff with relevant experience
2. Implement the minimum network links by disabling unnecessary links, services, and protocols.
3. Develop and test a patch management program for OT networks.
4. Perform regulate audits of logical and physical access to systems to detect possible vulnerabilities and intrusions.

Question 30

What is an important warning for OT security audits

Answer 30

enumeration tools and active vulnerability scans can cause issues with OT networks.

Question 31

What is a Premise System

Answer 31

Systems used for building automation and physical access systems

Many physical system designs allow for monitoring from corporate date networks over lan

Question 32

What is a BAS

Answer 32

Building Automation Systems are components and protocols that facilitate the centralized configuration and monitoring of systems in an office.

Question 33

What are some vulnerabilities of BAS

Answer 33

Process and memory vulnerabilities in PLCs

Plaintext credentials or keys in application code.

Code injections against web-user interface`

Question 34

What are some DOS concerns within a BAS

Answer 34

DOS conditions could be caused by an attack on a BAS that affects items such as HVAC.

If HVAC is interrupted and a server room gets too hot, the servers may shut down to prevent damage to the hardware.

Question 35

What is a PACS system

Answer 35

Physical Access Control systems are components and protocols that facilitates the centralized configuration and monitoring of security mechanisms within offices and data centers

Question 36

Can PACS be implemented both as part of a BAS or be an independent system?

Answer 36

Yes, they can be both.

One concern is that if implemented by a vendor, they can fall outside of Threat Hunting as they are managed by a vendor

Question 37

What are the types of cameras used in physical security monitoring

Answer 37

PTZ ( Pan Tilt Zoom)
CCTV (Closed Circuit TV)

Question 38

Types of door locks used in physical security

Answer 38

Keys, PINS, Wireless Signals (NFC, RFID), or Biometrics

Question 39

Describe biometric readers

Answer 39

PACs that rely on the physical characteristics of a person to identify them.

Biometrics are considered a “Something you are: authentication method.

Question 40

What is an FAR in for biometric readers?

Answer 40

(False Acceptance Rate )
Rate that a system authenticates a user as authorized or validated when they should not have been granted access to the system

Question 41

What is the FRR for biometric readers?

Answer 41

False Rejection Rate is the rate at which a user is rejected when they should have been validated.

Question 42

What is the CER for biometric readers?

Answer 42

Crossover Error Rate is where the false acceptance rate and false rejection rate are equal.

CER measures the effectiveness of a biometric system.

Question 43

What are type A hand held extinguishers used for

Answer 43

Ordinary solid combustibles - Wood, Paper, Fabrics, Rubber.

They are Water based

Green Triangles with an A

Question 44

What are type B hand held extinguishers used for

Answer 44

Flammable Liquids and gasses:
Gasoline, Oils, Paint, Lacquer

They are a dry chemical or CO2 based

Red squares with a B

Question 45

What are type C hand held extinguishers used for

Answer 45

Fire involving live electrical equipment
1- shut down power

CO2 based extinguisher

Blue circle with a C

Question 46

What are type D hand held extinguishers used for

Answer 46

Combustible metals or metal alloys:
Lithium Fires from batteries

Golden Star with a D

Question 47

What are type K hand held extinguishers used for

Answer 47

Fire in cooking appliances that involve combustible cooking media:

Vegetable or animals oils or fats.

Question 48

What are the two types of sprinklers

Answer 48

Wet pipe - Puptes filled with water ready for the tips to be melted off

Dry pipe - Pipes filled with air through which water is pushed when needed

Pre action - Will activate when heat or a fire is detected

Question 49

What is special hazard protection

Answer 49

Clean Agent Syetem that uses inert gas to fight fires where there is live electrical equipment. Can use HALON gas or FM-200, or Co2

Question 50

What should the level of humidity for HVAC be allowed

Answer 50

40% humidity

Too high, the moisture may cause corrosion on the hardware
Too low, electrostatic discharge may damage hardware

HVAC may be managed via ICS or SCADA

Question 51

What is the Tempest designation

Answer 51

US Gov standard for the level of shielding required in a building to ensure that emissions and interference cannot enter or exit the facilities.

Also EMP resistant.