IC34M01 - Assessment Overview Flashcards

1
Q

What are the four parts to defining scope?

A
  • Identify Requirements
  • Specify Devices
  • Select Collection Method
  • Document
2
Q

Name some benefits of Cybersecurity Risk Assessments

A
  • Determine order or priority
  • Define threats, vulnerabilities, and consequences
  • Design and apply countermeasures
  • Prioritize mitigation activities and resources
  • Evaluate effectiveness versus cost of countermeasure procedures
3
Q

What is produced in every step of the Cyber Risk Assessment Process?

A

Documentation
If you didn’t document your steps, there is nothing to verify, audit, or prove the findings of the assessment.

4
Q

What are the four key concepts of scope?

A
  • System Architecture Diagrams
  • Network Diagrams
  • Asset Assessment
  • Criticality Assessment
5
Q

What determines the parameters of what is included in the assessment and how it is performed?
1. Scope
2. Vulnerability
3. Threat
4. Documentation

A

Scope

6
Q

Why conduct Cybersecurity Vulnerability Assessments?
1. To determine return on investment
2. To identify requirements for specific devices
3. To define, identify and classify vulnerabilities in systems & networks.
4. To collect data and document system diagrams

A

To define, identify and classify vulnerabilities in systems & networks.

7
Q

Which key concept of Scope details a list of all elements in a system?
1. Asset Inventory
2. Criticality Assessment
3. Network Diagram
4. System Architecture Diagram

A

Asset Inventory

8
Q

Which is not a benefit of a Cybersecurity Risk Assessment?
1. Define threat, vulnerabilities & consequences
2. Design & apply countermeasures
3. Prevent audits by documenting procedures
4. Prioritize activities & resources for mitigation

A

Prevent audits by documenting procedures

9
Q

Why should you partition the system under consideration into zones and conduits when conducting a cyber risk assessment?
1. To ensure the best possible protection
2. To practice by repeating the process for each zone & conduit
3. To determine the Security Level Target
4. To determine the residual cyber risk

A

To ensure the best possible protection
