I would choose C and E based on NIST 800-82. I don't really know what it means by disabling unused services... If it means disabling from the ICS itself, then I think that would be wrong because from my understanding there isn't much you can do with an ICS other than turn it on/off... which is why they are so vulnerable to begin with. If it means disable services through a firewall or something... then why would the answer just be firewalling lol.
The answer is correct; please look at "network-based compromise of embedded ICS". Network-based that encloses embedded ICS: the idea here is the network that has some devices with ICS integration.
So, if these steps are in order (https://www.energy.gov/sites/prod/files/oeprod/DocumentsandMedia/21_Steps_-_SCADA.pdf), then it would be ISOLATION and FIREWALLING. What do you guys think?
Alright, so thinking about this logically, this actually makes a lot of sense and I'm kind of embarrassed that I wasn't able to see it before. Suppose you have this bunch of SCADA devices, right, and you're responsible for them and whatnot. What is the absolute first thing you have to do? It's obvious! You have to put them in their own network! Segmentation goes first, that's a no-brainer. But what next? The next obvious step really is putting a firewall in place. Limiting the amount of connections towards the SCADA devices (from the admin network to the SCADA network) and limiting the amount of ports that can be reached out to. After all that, it's time to disable unused services. And after that it's patching. And after that it's continuous monitoring. Etc etc etc...
We're talking about reducing risk, so that basically means hardening:
A. Patching: This one seems more related than D?
B. NIDS: This doesn't even prevent it, let alone reduce risk.
C. Segmentation: This one is easy. Yes.
D. Disabling unused services: Afaik, there is no real way of doing that on MOST ICS devices? Could be wrong.
E. Firewalling: This could prevent some risk, but not "reduce" it.
This question is about preventative measures and lowering risk. Patching/Firewalling fixes a known issue and NIDS won't lower risk. It will only detect an issue. Segmentation and Disabling unused services are the best choices here.
I agree with holst. I think the “network” threat is a clue to this question. Some of the study materials state that, since the ICS or SCADA systems are so vulnerable, and unable to protect themselves, the best response to a vulnerability can be throwing a firewall in front of it.
Remediation Strategy - firewall is a security/technical control