Correct Answers, 122 Q&A. 100% Correct.
Latest 2024/2025.
Impersonation attacks
Authentication
Eavesdropping attacks
Confidentiality
Modification attacks
Integrity
DoS attacks
Availability
Discretionary Access Control (DAC)
Used in most operating systems
As the owner, you control who has access to a file
You can modify at any time
Very flexible access control
Very weak security
Role-Based Access Control (RBAC)
You have a role in the company
Admin provides access based on the role of the user
In Windows, we use groups to provide this kind of access control
Mandatory Access Control (MAC)
The OS limits the operation on an object
Based on security clearance levels
Every object gets a label such as confidential, secret, top secret, etc.
Labeling of objects uses predefined rules
Admin decides who gets what levels; users can't change the settings
ERP system
These systems take data from subordinate systems, often across multiple sites or an enterprise, to
look at overall supply, production, and demand to manage work orders
Used in enterprise zone
ICS is rarely directly connected to this device
Level 5: Enterprise Zone
ERP systems are used here to understand and respond to supply and demand
Where the supply chain is managed
Usually exists at corporate or multi-site headquarters
Level 4: Site business planning and logistics
Enterprise servers are here
Represents IT systems used at each plant or facility to control the operation of the local facility
Monitors the performance at lower levels to understand the state of operations, performance
against production schedule, management of problems at the local plant, and updating enterprise
systems at level 5
ICS DMZ
Present at this level are replication servers, patch management servers, engineering workstations,
and configuration/change management systems
Level 3: Site manufacturing and operation control
Usually contains SCADA's supervisory aspect, DCS view and control access, or control rooms with
view and monitoring, process events and trends, responding to alarms and events, managing uptime
and availability of the process with functions such as work order maintenance, and ensuring product
quality
Level 2: Area Supervisory Control
This is where the process cell or line-level functions primarily exist for local control over individual
areas of a process
ICS starts to appear here (PLCs and VFDs, Variable Frequency Drives)
HMIs are the main system here
Level 1: Basic Control
Primary location for PLCs and VFDs (Variable Frequency Drives)
Operators interact with set points and logic of the BPCS at this level to optimize plant operations
Also includes sensors, actuators, relays, and other components that measure and report process
values to PLCs, DCSs, SCADA, and other components in level 1-5
Level 0: Process
A.K.A. Equipment Under Control
Includes drivers, motors, valves, and other components that comprise the actual process
Integrity is paramount to safety
Basic Process Control System (BPCS)
Control the process within configurable limits known as set points
Provide live data to HMIs
ICS/SCADA
A collection of equipment, devices, and communication methods that, when combined into a
foundational system, perform a specific task, deliver a service, or create a particular product
Typically covers long distances and includes gas, power, and water distribution
SCADA
A combination of hardware and software that enables the automation of industrial processes by
capturing OT real-time data
Allows supervision and control of the plant both locally and remotely
Ability to log data for historical purposes
PLCs
Have functions like timing, counting, comparing, and processing of various analog signals
Microcontroller
Brain of the PLC
Has firmware using Ladder Logic
Factors to mitigate risk
Policies and procedures
Technology to ensure users are following policies and procedures
Residual Risk