B as per Page 34 of ISA Booklet

No, correct answer is B under the logic that COTS - and you don't have to forget about this- are designed for availability in physical data collection.

Correct answer is C - Knowledge of exploits and tools readily available on the Internet

Answer is C The increase in attacks on Industrial Automation and Control Systems (IACS) is often attributed to the accessibility of knowledge, exploits, and tools on the Internet. As information becomes more readily available, malicious actors can leverage this knowledge to target vulnerabilities in IACS components. The widespread sharing of hacking techniques and tools online makes it easier for attackers to exploit weaknesses in these systems. While other factors mentioned, such as the use of proprietary protocols and reduced personnel knowledge, can contribute to security challenges, the ready availability of exploits on the Internet is a significant factor in the increase of attacks on IACS.

B doesnt make sense, its the use of COTS,and not running away from them, what creates the risk. Malware as a service is a risk

There us no move away from COTS. Availability of Exploits of legacy OS and Tools makes attacks easier.

Absolutely C

Answer C

Vote C

Commercial off-the-shelf, COTS, is equipment you can go out and buy, and you can just plug and play. We buy these devices, we install them, and we're not even sure what the configuration is. We just need to get the process up and running. This can create security issues.

Correct abswer is C - Knowledge of exploits and tools readily available on the Internet