Essentials Exam. 120 Q&A.
Latest 2024/2025.
Section 1: Fundamentals of ICS/SCADA
1. Question: What does ICS stand for?
o Answer: Industrial Control Systems.
2. Question: What is the primary function of a SCADA system?
o Answer: To monitor and control industrial processes in real-time.
3. Question: Name three components of a SCADA system.
o Answer: Human-Machine Interface (HMI), Remote Terminal Units (RTUs),
Programmable Logic Controllers (PLCs).
4. Question: What communication protocols are commonly used in SCADA systems?
o Answer: Modbus, DNP3, and OPC.
5. Question: Describe the difference between SCADA and DCS (Distributed Control Systems).
o Answer: SCADA is used for remote monitoring and control, while DCS is used for
local control within a facility.
6. Question: What role does the HMI play in a SCADA system?
o Answer: It provides a graphical interface for operators to monitor and control
processes.
7. Question: What is an RTU, and what is its function?
o Answer: A Remote Terminal Unit collects data from sensors and sends it to the
SCADA system.
8. Question: Define telemetry in the context of SCADA.
o Answer: The transmission of data from remote sensors to a central monitoring
system.
9. Question: What is the purpose of a data historian in SCADA systems?
o Answer: To store and retrieve time-series data from industrial processes.
10. Question: Describe control loops in ICS.
o Answer: Systems that measure and adjust variables to maintain desired setpoints in
processes.
Section 2: Security Threats and Vulnerabilities
11. Question: What is a common cyber threat to ICS/SCADA systems?
o Answer: Malware attacks, such as ransomware.
12. Question: Explain the term "air gap" in ICS security.
o Answer: A security measure that isolates a network from other networks to prevent
unauthorized access.
13. Question: What is a zero-day vulnerability?
o Answer: A security flaw that is unknown to the vendor and has no available patch.
14. Question: What is social engineering?
o Answer: Manipulating individuals into divulging confidential information.
15. Question: How can insider threats impact ICS security?
o Answer: Employees may intentionally or unintentionally compromise security.
16. Question: What is a denial-of-service (DoS) attack?
o Answer: An attack that makes a system or network unavailable by overwhelming it
with traffic.
17. Question: How do unpatched vulnerabilities affect ICS security?
o Answer: They can be exploited by attackers to gain unauthorized access.
18. Question: What is data exfiltration?
o Answer: The unauthorized transfer of data from a system.
19. Question: Why are default passwords a security risk in ICS devices?
o Answer: They are often well-known and can be easily exploited.
20. Question: What are common vulnerabilities in ICS systems?
o Answer: Unpatched software, weak authentication, and insecure network
configurations.
Section 3: Risk Management
21. Question: What is the purpose of a risk assessment in ICS security?
o Answer: To identify, analyze, and prioritize risks.
22. Question: What framework is commonly used for managing cybersecurity risks?
o Answer: NIST Cybersecurity Framework (CSF).
23. Question: Differentiate between qualitative and quantitative risk assessments.