1. What is phase 1 of the IACS Cybersecurity Life Cycle?: Assess
2. What is phase 2 of the IACS Cybersecurity Life Cycle?: Develop & Implement
3. What is phase 3 of the IACS Cybersecurity Life Cycle?: Maintain
4. When are countermeasures implemented to meet the Target Security Level (SL-T)?: During the Develop & Implement phase of ICS security implementation
5. What is the primary goal of the Maintain phase in ICS security implementation?: To ensure the Achieved Security Level (SL-A) is equal to or better than the Target Security Level (SL-T).
6. What is step 1 of the IACS Cybersecurity Life Cycle (Assess Phase)?: High-Level Cyber Risk Assessment
7. What is step 2 of the IACS Cybersecurity Life Cycle (Assess Phase)?: Allocation of IACS Assets to Security Zones or Conduits
8. What is step 3 of the IACS Cybersecurity Life Cycle (Assess Phase)?: Detail Cyber Risk Assessment
9. What is step 4 of the IACS Cybersecurity Life Cycle (Develop & Implement Phase)?: Cybersecurity Requirements Specification
10. What is step 5 of the IACS Cybersecurity Life Cycle (Develop & Implement Phase)?: Design and engineering of Cybersecurity countermeasures
11. What is step 6 of the IACS Cybersecurity Life Cycle (Develop & Implement Phase)?: Installation, commissioning and validation of Cybersecurity countermeasures
12. What is step 7 of the IACS Cybersecurity Life Cycle (Maintain)?: Cybersecurity Maintenance, Monitoring and Management of Change
13. What is step 8 of the IACS Cybersecurity Life Cycle (Maintain)?: Cyber Incident Response & Recovery
14. What are the continuous process activities of the IACS Cybersecurity Life Cycle?: Cybersecurity Management System: Policies, Procedures, Training & Awareness, Periodic Cybersecurity Audits
ISA 62443 IC34
15. A risk assessment should provide information about what?: An entire system as well as each zone
16. What information should be provided from a risk assessment?:
- Risk profile
- Highest severity consequences
- Threats / vulnerabilities leading to the highest risks
- Target Security Levels
- Recommendations
17. What is the named output of a risk assessment?: Cybersecurity Requirement Specifications (CRS)
18. Once created, what is the Cybersecurity Requirement Specifications (CRS) used for?: Input for the Develop & Implementation phase
19. What, at a minimum, should Cybersecurity Requirement Specifications (CRS) include?:
- SUC description
- Zone and conduit drawings
- Zone and conduit characteristics
- Operating environment assumptions
- Threat environment
- Organizational security policies
- Tolerable risk
- Regulatory requirements
20. In what phase of the IACS Cybersecurity Lifecycle do you assign a Target Security Level (SL-T)?: Assess
21. In what phase of the IACS Cybersecurity Lifecycle do you implement to meet an Achieved Security Level (SL-A)?: Development & Implement
22. In what phase of the IACS Cybersecurity Lifecycle do you ensure the Achieved Security Level (SL-A) meets or exceeds the Target Security Level (SL-T)?: Maintain
23. What documents are required per zone/conduit?:
- Name and/or unique identifier
- Accountable organization(s)
- Definition of logical boundary
- Definition of physical boundary, if applicable
- Safety designation