Network Segmentation, Patch Management, and Intrusion Detection Flashcards
True or False
A firewall should not be paired or used with a DMZ
False
True or False
A network bridge can connect two independent networks
True
True or False
A router can be used for security instead of a firewall
False
True or False
Distributing security appliances provides defense-in-depth to key assets like controllers
True
Protection Mechanisms protect against malicious code to:
- Prevent
- Detect
- Report
- Mitigate
How could you test your Security System?
EICAR Test
Importance of IACS Patching
- IACS and the software it relies on are highly vulnerable
- New vulnerabilities are discovered and published almost daily
- Malware authors take advantage of these vulnerabilities to exploit systems
- Old malware still works on unpatched systems
IACS Patching Challenges
- Patches are changes
- Changes may impact safety, reliability, certification and performance
- Must be part of change and configuration management process
- Patching is very resource intensive
- Infrequent maintenance outages
Patch Management
- Information Gathering
- Monitoring and Evaluation
- Patch Testing
- Patch Deployment
- Verification & Reporting
Patch Management
Information Gathering
- Inventory
- Supplier relationships
- Supportability
- Assess existing environment
- Categorize and classify assets
Patch Management
Monitoring and Evaluation
- Monitor & ID patches
- Determine applicability
- Risk Assessment
- Decision
Patch Management
Patch Testing
- File authenticity
- Review changes
- Install procedure
- Qualifications & verification
- Removal procedure
- Risk mitigation
Patch Management
Patch Deployment
- Notification
- Preparation
- Scheduling
- Deployment
Patch Management
Verification & Reporting
- Verification
- Training
- Documentation
True or False
Only asset owners are involved with patch management
False
Malicious code protection should use a mix of deployment systems
True
True or False
Patching is an important tool for mitigation
True