IEC 62443-IC33 Risk Assessment Specialist Test Questions with Correct Answers
What type of vulnerability assessment technique involves using exploit tools? - Answers Penetration
Testing (Most Invasive)
Which vulnerability assessment provides feedback on performance in comparison to industry peers? -
Answers Gap Assessment (High Level - Least invasive)
Which type of assessment may include reviewing document, system walk-thru, traffic analysis, or ARP
tables? - Answers Passive Assessment
Vulnerability Assessment - Answers Defines,
Identifies,
Classifies the security vulnerabilities
Penetration Testing - Answers Exploits vulnerabilities
Which type of assessment uses tools to discover devices and vulnerabilities of the IACS? - Answers
Active Assessment
What type of vulnerability assessment identifies the worst-case unmitigated risk that the SuC presents
to the organization? - Answers Cyber Risk Assessment
Which gap assessment tool was created by the US DHS? - Answers CSET
What type of tool is used to capture and display Ethernet communications? - Answers Packet Capture
A feature that sends a copy of a network from one or more switch ports to a special monitoring port is
called: - Answers Port Mirroring
Which computer programs assess computers, computer systems, networks or applications for
weaknesses against databases of know vulnerabilities? - Answers Network Vulnerability Scanning Tools
Nessuss, Nexpose, and Retina are assessment tools used to discover: - Answers System Vulnerabilities
What is the entity that can manifest a threat? - Answers Threat source
What is the term for the likelihood of the threat scenario occurring and leading to the final consequence
taking into account all protection measures and cybersecurity countermeasures in place? - Answers
Mitigated Threat Likelihood (MTL)
Delaying or blocking the flow of information in a system is an example of the following threat vector: -
Answers Denial of Service
Which threat vector involves the unauthorized redirection of data? - Answers Information Disclosure
What type of vulnerability assessment technique involves using exploit tools? - Answers Penetration
Testing (Most Invasive)
Which vulnerability assessment provides feedback on performance in comparison to industry peers? -
Answers Gap Assessment (High Level - Least invasive)
Which type of assessment may include reviewing document, system walk-thru, traffic analysis, or ARP
tables? - Answers Passive Assessment
Vulnerability Assessment - Answers Defines,
Identifies,
Classifies the security vulnerabilities
Penetration Testing - Answers Exploits vulnerabilities
Which type of assessment uses tools to discover devices and vulnerabilities of the IACS? - Answers
Active Assessment
What type of vulnerability assessment identifies the worst-case unmitigated risk that the SuC presents
to the organization? - Answers Cyber Risk Assessment
Which gap assessment tool was created by the US DHS? - Answers CSET
What type of tool is used to capture and display Ethernet communications? - Answers Packet Capture
A feature that sends a copy of a network from one or more switch ports to a special monitoring port is
called: - Answers Port Mirroring
Which computer programs assess computers, computer systems, networks or applications for
weaknesses against databases of know vulnerabilities? - Answers Network Vulnerability Scanning Tools
Nessuss, Nexpose, and Retina are assessment tools used to discover: - Answers System Vulnerabilities
What is the entity that can manifest a threat? - Answers Threat source
What is the term for the likelihood of the threat scenario occurring and leading to the final consequence
taking into account all protection measures and cybersecurity countermeasures in place? - Answers
Mitigated Threat Likelihood (MTL)
Delaying or blocking the flow of information in a system is an example of the following threat vector: -
Answers Denial of Service
Which threat vector involves the unauthorized redirection of data? - Answers Information Disclosure
