Midterm Flashcards Preview

Question 1

1

When to disclose vulnerability

Answer

after patch released

Question 2

2

where are borders for routable/non-routable networks?

Answer

demarcation of control and SCADA network

Question 3

3

are non routable networks vulnerable? Why?

Answer

Yes, non routable components often have uplinks to controller and/or have things like modems

Question 4

4

ICS incorporates both _ and _ monitoring with some level of ___.

Answer

local, remote, centralized control

Question 5

5

Industrial protocols Modbus/TCP, DNP3 operate at what layer?

Answer

Top layer (application)

Question 6

6

Serial and bus links using Modbus and DNP3 are examples of what?

Answer

non routable networks

Question 7

7

T/F industrial protocols can be made routable by placing them on the OSI stack

true

Answer

used as method of network segregation, regquires logical boundaries

Answer

boundary of a zone, it is logical place to place security controls

Answer

financially, externally, weak or stolen credentials

Answer

internally

Answer

A: availability

Answer

real time usage (latency)

Answer

command and control, in isolation

Answer

-highly interconnected
-various wireless options
-extremely dynamic

Answer

RING and BUS (because of redundancy)

Answer

ability to differentiate and prioritize some traffic over other

Answer

maintained separately (risk mitigation)

Answer

latency, deeper packet inspection

Answer

time critical, deterministic

Answer

ability to differentiate and prioritize some traffic over other

Question 8

8

Zones and enclaves

Question 9

9

network perimeter

Question 10

10

most attacks are _ motivated, and occur _, and use ___

Question 11

11

most incidents occur ____

Question 12

12

True / False: an attacker must have significant system knowledge of operational procedure in order to turn HMI access into an attack

true

Question 13

13

True/False: Industrial networks can be WAN or LAN

true

Question 14

14

For CIA, what is most important for ICS?

Question 15

15

Network design of industrial networks optimizes ____.

Question 16

16

APTs work via while weaponized malware works

Question 17

17

Attacker must know exact ____ in order to alter set point of industrial process

register

Question 18

18

business networks

Question 19

19

Common topologies for ICs

Question 20

20

Topology for end devices

star

Question 21

21

QOS (quality of service) definition

Question 22

22

Domain servers and identity / access control systems should be ____________ for ICS and business networks

Question 23

23

Higher up the protocol stack you go, the higher the due to .

Question 24

24

ICS should optimize network latency because operations are _ and __

Question 25

25

QOS (quality of service) definition

Question 26

26

Industrial wireless networks use what topology?

mesh

Question 27

27

Brainscape's Knowledge GenomeTM

Midterm Flashcards Preview

CS6263 Cyber Physical Systems > Midterm > Flashcards

When to disclose vulnerability

after patch released

where are borders for routable/non-routable networks?

demarcation of control and SCADA network

are non routable networks vulnerable? Why?

Yes, non routable components often have uplinks to controller and/or have things like modems

ICS incorporates both ___ and ___ monitoring with some level of ___.

local, remote, centralized control

Industrial protocols Modbus/TCP, DNP3 operate at what layer?

Top layer (application)

Serial and bus links using Modbus and DNP3 are examples of what?

non routable networks

T/F industrial protocols can be made routable by placing them on the OSI stack

true

Zones and enclaves

used as method of network segregation, regquires logical boundaries

network perimeter

boundary of a zone, it is logical place to place security controls

most attacks are ___ motivated, and occur ___, and use ___

financially, externally, weak or stolen credentials

most incidents occur ____

internally

True / False: an attacker must have significant system knowledge of operational procedure in order to turn HMI access into an attack

true

True/False: Industrial networks can be WAN or LAN

true

For CIA, what is most important for ICS?

A: availability

Network design of industrial networks optimizes ____.

real time usage (latency)

APTs work via ____ while weaponized malware works ____

command and control, in isolation

Attacker must know exact ____ in order to alter set point of industrial process

register

business networks

-highly interconnected-various wireless options-extremely dynamic

Common topologies for ICs

RING and BUS (because of redundancy)

Topology for end devices

star

QOS (quality of service) definition

ability to differentiate and prioritize some traffic over other

Domain servers and identity / access control systems should be ____________ for ICS and business networks

maintained separately (risk mitigation)

Higher up the protocol stack you go, the higher the ____ due to ____.

latency, deeper packet inspection

ICS should optimize network latency because operations are _____ and ______

time critical, deterministic

QOS (quality of service) definition

ability to differentiate and prioritize some traffic over other

Industrial wireless networks use what topology?

mesh

is ICS network topology static or fixed?

fixed

Key Links

Subjects

Company

Find Us

Brainscape's Knowledge Genome^TM

ICS incorporates both _ and _ monitoring with some level of ___.

most attacks are _ motivated, and occur _, and use ___

APTs work via while weaponized malware works

-highly interconnected
-various wireless options
-extremely dynamic

Higher up the protocol stack you go, the higher the due to .

ICS should optimize network latency because operations are _ and __