ICS410: ICS/SCADA Security
Essentials.
Section 1: Basics of ICS/SCADA
1. Question: What does ICS stand for?
o Answer: Industrial Control Systems.
2. Question: What is the primary function of a SCADA system?
o Answer: To monitor and control industrial processes in real-time.
3. Question: Name three components of a SCADA system.
o Answer: Human-Machine Interface (HMI), Remote Terminal Units (RTUs), and
Programmable Logic Controllers (PLCs).
4. Question: How do SCADA systems typically communicate with field devices?
o Answer: Through communication protocols such as Modbus, DNP3, or OPC.
5. Question: What is the difference between SCADA and DCS (Distributed Control Systems)?
o Answer: SCADA is used for long-distance monitoring and control, while DCS is used
for local control within a plant.
6. Question: What are typical applications of SCADA systems?
o Answer: Water treatment, electricity distribution, oil and gas pipelines, and
manufacturing.
7. Question: Define "supervisory control" in the context of SCADA.
o Answer: The ability to monitor and control field devices remotely through a central
system.
8. Question: What is the role of an HMI in a SCADA system?
o Answer: To provide a user interface for operators to interact with the control
system.
9. Question: What is an RTU?
o Answer: Remote Terminal Unit, a device that collects data from sensors and sends it
to the SCADA system.
10. Question: What communication protocol is commonly used in SCADA systems?
o Answer: Modbus.
11. Question: What is a PLC?
, o Answer: Programmable Logic Controller, an industrial digital computer used to
automate control of machinery.
12. Question: How do PLCs differ from traditional computers?
o Answer: PLCs are designed to operate in harsh industrial environments and have
real-time capabilities.
13. Question: What is the purpose of telemetry in SCADA systems?
o Answer: To transmit data from remote locations to a central system for monitoring
and analysis.
14. Question: Explain the role of sensors in ICS.
o Answer: Sensors collect data from the physical environment, such as temperature,
pressure, or flow rates.
15. Question: What is the significance of control loops in ICS?
o Answer: Control loops regulate processes by continuously measuring and adjusting
variables to maintain desired setpoints.
Section 2: Security Threats and Vulnerabilities
16. Question: What is a common security threat to ICS/SCADA systems?
Answer: Cyberattacks, such as malware or ransomware.
17. Question: Define “air gap” in the context of ICS security.
Answer: An air gap is a security measure that isolates a network from other networks,
including the internet, to prevent unauthorized access.
18. Question: What vulnerability is often exploited by attackers in ICS environments?
Answer: Unpatched software and firmware vulnerabilities.
19. Question: Describe the concept of a "zero-day" vulnerability.
Answer: A security flaw that is unknown to the vendor and has no available patch, making it
especially dangerous.
20. Question: What is social engineering, and how can it affect ICS security?
Answer: Social engineering involves manipulating individuals into divulging confidential
information, which can compromise security.
21. Question: How can insider threats impact ICS security?
Answer: Employees or contractors may intentionally or unintentionally compromise
security, either through negligence or malicious intent.
22. Question: What is the significance of the "Kill Chain" model in cybersecurity?
Answer: It outlines the stages of a cyber attack, helping defenders to understand and disrupt
the attack process.
Essentials.
Section 1: Basics of ICS/SCADA
1. Question: What does ICS stand for?
o Answer: Industrial Control Systems.
2. Question: What is the primary function of a SCADA system?
o Answer: To monitor and control industrial processes in real-time.
3. Question: Name three components of a SCADA system.
o Answer: Human-Machine Interface (HMI), Remote Terminal Units (RTUs), and
Programmable Logic Controllers (PLCs).
4. Question: How do SCADA systems typically communicate with field devices?
o Answer: Through communication protocols such as Modbus, DNP3, or OPC.
5. Question: What is the difference between SCADA and DCS (Distributed Control Systems)?
o Answer: SCADA is used for long-distance monitoring and control, while DCS is used
for local control within a plant.
6. Question: What are typical applications of SCADA systems?
o Answer: Water treatment, electricity distribution, oil and gas pipelines, and
manufacturing.
7. Question: Define "supervisory control" in the context of SCADA.
o Answer: The ability to monitor and control field devices remotely through a central
system.
8. Question: What is the role of an HMI in a SCADA system?
o Answer: To provide a user interface for operators to interact with the control
system.
9. Question: What is an RTU?
o Answer: Remote Terminal Unit, a device that collects data from sensors and sends it
to the SCADA system.
10. Question: What communication protocol is commonly used in SCADA systems?
o Answer: Modbus.
11. Question: What is a PLC?
, o Answer: Programmable Logic Controller, an industrial digital computer used to
automate control of machinery.
12. Question: How do PLCs differ from traditional computers?
o Answer: PLCs are designed to operate in harsh industrial environments and have
real-time capabilities.
13. Question: What is the purpose of telemetry in SCADA systems?
o Answer: To transmit data from remote locations to a central system for monitoring
and analysis.
14. Question: Explain the role of sensors in ICS.
o Answer: Sensors collect data from the physical environment, such as temperature,
pressure, or flow rates.
15. Question: What is the significance of control loops in ICS?
o Answer: Control loops regulate processes by continuously measuring and adjusting
variables to maintain desired setpoints.
Section 2: Security Threats and Vulnerabilities
16. Question: What is a common security threat to ICS/SCADA systems?
Answer: Cyberattacks, such as malware or ransomware.
17. Question: Define “air gap” in the context of ICS security.
Answer: An air gap is a security measure that isolates a network from other networks,
including the internet, to prevent unauthorized access.
18. Question: What vulnerability is often exploited by attackers in ICS environments?
Answer: Unpatched software and firmware vulnerabilities.
19. Question: Describe the concept of a "zero-day" vulnerability.
Answer: A security flaw that is unknown to the vendor and has no available patch, making it
especially dangerous.
20. Question: What is social engineering, and how can it affect ICS security?
Answer: Social engineering involves manipulating individuals into divulging confidential
information, which can compromise security.
21. Question: How can insider threats impact ICS security?
Answer: Employees or contractors may intentionally or unintentionally compromise
security, either through negligence or malicious intent.
22. Question: What is the significance of the "Kill Chain" model in cybersecurity?
Answer: It outlines the stages of a cyber attack, helping defenders to understand and disrupt
the attack process.
