IEC62443: IC34M EXAM QUESTIONS AND ANSWERS
WITH COMPLETE SOLUTIONS VERIFIED LATEST
UPDATE
What topics are included in the Cybersecurity Requirements Specification
Design and Implement Phase? Design and Engineering of
Cybersecurity Countermeasures
Design and Development of Other
Means of Risk Reduction
Installation, Commissioning and Validation of
Cybersecurity Countermeasures
What standard covers ISA 62443-3-2
Cybersecurity Requirements
Specification?
What standard covers Design ISA 62443-3-3
and Engineering of
Cybersecurity
Countermeasures?
What phase is covered in ISA Maintain Phase
62443-2-1?
What topics are covered in ISA Cybersecurity Maintenance, Monitoring
62443-2-1? and Management of Change Cyber
Incident Response and Recovery
Cybersecurity Management System: Policies,
, Procedures, Training and Awareness
(continuous processes)
Periodic Cybersecurity Audits
Risk Profile A deliverable from a risk assessment
It shows the risk associated with each zone
(unmitigated and mitigated). Similar to a "heat
map" showing the zones with the greatest
risk
SL 0 No requirements or security protection
necessary
SL 1 Protection against casual or coincidental
violation
SL 2 Protection against intentional violation with
low resources, generic skill, and low
motivation
SL 3 Protection against intentional violation with
moderate resources, IACS specific skills, and
moderate motivation
SL 4 Protection against intentional violation with
extended resources, IACS specific skills, and
high motivation
What standard defines the 3 ISA 62443-3-3
security level types?
, What is the SL-T dependent The CRRF (Cyber Risk Reduction Factor)
upon?
CRRF Unmitigated Risk / Tolerable Risk. Measure of
the degree of risk reduction required to
achieve a tolerable risk
SL-T Target Security Level
Must be provided for EACH zone or conduit
It is the DESIRED LEVEL of security for a
particular IACS, zone or conduit
What standard(s) provides ISA 62443-2-1
guidance on the
programmatic aspects of the
design process?
What standard(s) define system- ISA 62443-3-3
level security requirements?
What standard(s) define ISA 62443-4-2
component-level technical
security requirements?
Name three characteristics of a SL-T is required for each security zone or
Target Security Level (SL- T)? conduit
SL-T is dependent upon Cyber Risk Reduction
Factor (CRRF)
Relationship between CRRF and SL-T is based
upon organizations risk matrix and risk
tolerance
What are the four T's of Tolerat
WITH COMPLETE SOLUTIONS VERIFIED LATEST
UPDATE
What topics are included in the Cybersecurity Requirements Specification
Design and Implement Phase? Design and Engineering of
Cybersecurity Countermeasures
Design and Development of Other
Means of Risk Reduction
Installation, Commissioning and Validation of
Cybersecurity Countermeasures
What standard covers ISA 62443-3-2
Cybersecurity Requirements
Specification?
What standard covers Design ISA 62443-3-3
and Engineering of
Cybersecurity
Countermeasures?
What phase is covered in ISA Maintain Phase
62443-2-1?
What topics are covered in ISA Cybersecurity Maintenance, Monitoring
62443-2-1? and Management of Change Cyber
Incident Response and Recovery
Cybersecurity Management System: Policies,
, Procedures, Training and Awareness
(continuous processes)
Periodic Cybersecurity Audits
Risk Profile A deliverable from a risk assessment
It shows the risk associated with each zone
(unmitigated and mitigated). Similar to a "heat
map" showing the zones with the greatest
risk
SL 0 No requirements or security protection
necessary
SL 1 Protection against casual or coincidental
violation
SL 2 Protection against intentional violation with
low resources, generic skill, and low
motivation
SL 3 Protection against intentional violation with
moderate resources, IACS specific skills, and
moderate motivation
SL 4 Protection against intentional violation with
extended resources, IACS specific skills, and
high motivation
What standard defines the 3 ISA 62443-3-3
security level types?
, What is the SL-T dependent The CRRF (Cyber Risk Reduction Factor)
upon?
CRRF Unmitigated Risk / Tolerable Risk. Measure of
the degree of risk reduction required to
achieve a tolerable risk
SL-T Target Security Level
Must be provided for EACH zone or conduit
It is the DESIRED LEVEL of security for a
particular IACS, zone or conduit
What standard(s) provides ISA 62443-2-1
guidance on the
programmatic aspects of the
design process?
What standard(s) define system- ISA 62443-3-3
level security requirements?
What standard(s) define ISA 62443-4-2
component-level technical
security requirements?
Name three characteristics of a SL-T is required for each security zone or
Target Security Level (SL- T)? conduit
SL-T is dependent upon Cyber Risk Reduction
Factor (CRRF)
Relationship between CRRF and SL-T is based
upon organizations risk matrix and risk
tolerance
What are the four T's of Tolerat
