IEC62443: IC33M EXAM QUESTIONS AND ANSWERS WITH
COMPLETE SOLUTIONS VERIFIED GRADED A+
What are the 3 phases of the Assess, Develop & Implement, Maintain
security life cycle?
What topics are in the Assess High Level Cyber Risk Assessment, Allocation of
Phase? IACS Assets to Security Zones or Conduits,
Detailed Cyber Risk Assessment
What standard establishes ISA 62443-3-2
guidelines for the Assess
phase?
______ identifies functional layers ISA95, 5
of an enterprise
system
Level 0 Process; defines the actual physical processes
Level 1 Safety&Protection / Basic Control: Intelligent
devices, Sensing and manipulating the
physical processes. Process sensors,
analyzers, actuators
Level 2 Supervisory Control; Supervising, monitoring
and controlling the physical processes. Real-
time controls and software; DCS, HMI,
SCADA
Level 3 Operations Management; Managing
, production work flow, batch management,
manufacturing execution/operations
management systems (MES/MOMS), data
historians, laboratory maintenance and plant
performance management systems
Level 4 Enterprise Systems (Business Planning and
Logistics); ERP is the primary system; establishes
the basic plant production schedule, material
use, shipping and
inventory levels
What should Hardware Inventory Computers (servers/workstations), Network
include? equipment
(switches/routers/firewalls), Automation devices
(PLC/DCS/VFD/RTU), All devices with Ethernet /
IP address, Devices with routable serial
protocols (ControlNet,
Profibus, Modbus TCP), Virtual Machines (VMs)
What should Software Inventory Operating Systems, Applications, Databases,
include? Firmware
Which document details how Network Diagram
the network is physically and
logically constructed?
What is the assessment of the Cybersecurity Criticality Assessment
criticality of an IACS asset called?
What level in the ISA 62443 Level 4
Reference Model includes
Business Planning and
, Logistics?
What are the three main Assess, Develop and Implement, Maintain
phases of the IACS
Cybersecurity
Lifecycle?
When creating network ISA-62443-1-1 Reference Model
diagrams, it is suggested to
follow which model?
Which assessment measures the Cyber Criticality Assessment
negative impact of an
IACS asset should information
be unavailable, unreliable, or
compromised?
Which documents illustrate System Architecture Diagrams
components of a system,
connectivity and physical
location?
Which level in the ISA 62443 Level 0
Reference Model defines the
actual physical processes?
The first step in preparing for an Define scope
assessment is to?
Threat Source the entity that can manifest a threat
Threat Vector the means the threat source may utilize to
compromise the zone or conduit
What are the different Natural, technological, or actors.
COMPLETE SOLUTIONS VERIFIED GRADED A+
What are the 3 phases of the Assess, Develop & Implement, Maintain
security life cycle?
What topics are in the Assess High Level Cyber Risk Assessment, Allocation of
Phase? IACS Assets to Security Zones or Conduits,
Detailed Cyber Risk Assessment
What standard establishes ISA 62443-3-2
guidelines for the Assess
phase?
______ identifies functional layers ISA95, 5
of an enterprise
system
Level 0 Process; defines the actual physical processes
Level 1 Safety&Protection / Basic Control: Intelligent
devices, Sensing and manipulating the
physical processes. Process sensors,
analyzers, actuators
Level 2 Supervisory Control; Supervising, monitoring
and controlling the physical processes. Real-
time controls and software; DCS, HMI,
SCADA
Level 3 Operations Management; Managing
, production work flow, batch management,
manufacturing execution/operations
management systems (MES/MOMS), data
historians, laboratory maintenance and plant
performance management systems
Level 4 Enterprise Systems (Business Planning and
Logistics); ERP is the primary system; establishes
the basic plant production schedule, material
use, shipping and
inventory levels
What should Hardware Inventory Computers (servers/workstations), Network
include? equipment
(switches/routers/firewalls), Automation devices
(PLC/DCS/VFD/RTU), All devices with Ethernet /
IP address, Devices with routable serial
protocols (ControlNet,
Profibus, Modbus TCP), Virtual Machines (VMs)
What should Software Inventory Operating Systems, Applications, Databases,
include? Firmware
Which document details how Network Diagram
the network is physically and
logically constructed?
What is the assessment of the Cybersecurity Criticality Assessment
criticality of an IACS asset called?
What level in the ISA 62443 Level 4
Reference Model includes
Business Planning and
, Logistics?
What are the three main Assess, Develop and Implement, Maintain
phases of the IACS
Cybersecurity
Lifecycle?
When creating network ISA-62443-1-1 Reference Model
diagrams, it is suggested to
follow which model?
Which assessment measures the Cyber Criticality Assessment
negative impact of an
IACS asset should information
be unavailable, unreliable, or
compromised?
Which documents illustrate System Architecture Diagrams
components of a system,
connectivity and physical
location?
Which level in the ISA 62443 Level 0
Reference Model defines the
actual physical processes?
The first step in preparing for an Define scope
assessment is to?
Threat Source the entity that can manifest a threat
Threat Vector the means the threat source may utilize to
compromise the zone or conduit
What are the different Natural, technological, or actors.
