Flashcards in Midterm Deck (27)
1
When to disclose vulnerability
after patch released
2
where are borders for routable/non-routable networks?
demarcation of control and SCADA network
3
are non routable networks vulnerable? Why?
Yes, non-routable components often have uplinks to a controller and/or have things like modems
4
ICS incorporates both ___ and ___ monitoring with some level of ___.
local, remote, centralized control
5
Industrial protocols Modbus/TCP, DNP3 operate at what layer?
Top layer (application)
6
Serial and bus links using Modbus and DNP3 are examples of what?
non routable networks
7
T/F industrial protocols can be made routable by placing them on the OSI stack
true
8
Zones and enclaves
used as a method of network segregation, requires logical boundaries
9
network perimeter
boundary of a zone; it is the logical place to put security controls
10
most attacks are ___ motivated, and occur ___, and use ___
financially, externally, weak or stolen credentials
11
most incidents occur ____
internally
12
True / False: an attacker must have significant system knowledge of operational procedure in order to turn HMI access into an attack
true
13
True/False: Industrial networks can be WAN or LAN
true
14
For CIA, what is most important for ICS?
A: availability
15
Network design of industrial networks optimizes ____.
real time usage (latency)
16
APTs work via ____ while weaponized malware works ____
command and control, in isolation
17
Attacker must know exact ____ in order to alter set point of industrial process
register
18
business networks
-highly interconnected
-various wireless options
-extremely dynamic
19
Common topologies for ICS
RING and BUS (because of redundancy)
20
Topology for end devices
star
21
QOS (quality of service) definition
ability to differentiate and prioritize some traffic over other traffic
22
Domain servers and identity / access control systems should be ____________ for ICS and business networks
maintained separately (risk mitigation)
23
Higher up the protocol stack you go, the higher the ____ due to ____.
latency, deeper packet inspection
24
ICS should optimize network latency because operations are _____ and ______
time critical, deterministic
25
QOS (quality of service) definition
ability to differentiate and prioritize some traffic over other traffic
26
Industrial wireless networks use what topology?
mesh
27