Network services

Question 1

IT (Information Technology) vs. OT (Operational Technology):

Answer 1

IT: Focus on data, servers, and networks.
OT: Focus on controlling physical processes (e.g., industrial control systems).

Question 2

Embedded Systems

Answer 2

Definition: Dedicated systems designed for specific functions.
Examples:
Medical devices, smart meters, industrial controllers.

Question 3

Types of Embedded Systems

Answer 3

PLCs (Programmable Logic Controllers): Automate processes like valve control.
RTOS (Real-Time Operating System): Ensures predictable response times for critical tasks.
System-on-a-Chip (SoC): Compact, efficient chips integrating all computer components.

Question 4

Embedded Systems Security

Answer 4

Operate in static environments; updates are infrequent.
Isolate embedded systems for security.

Question 5

Industrial Control Systems (ICS)

Answer 5

Localized control of processes in manufacturing or critical infrastructure.
Priority: Availability > Integrity > Confidentiality.

Question 6

SCADA

Answer 6

Manages distributed ICS over wide-area networks.
Communication methods: Cellular, satellite, fiber.

Question 7

Fieldbus

Answer 7

Links PLCs and devices.

Question 8

HMI (Human-Machine Interface)

Answer 8

Interfaces for monitoring and control.

Question 9

Legacy Systems

Answer 9

No longer supported by the vendor.
Common examples: Windows XP, old manufacturing systems.

Question 10

Proprietary Systems

Answer 10

Owned and controlled by specific vendors.
Support depends on vendor contracts and cycles.

Question 11

Mitigating Legacy and Proprietary Systems

Answer 11

Isolate on separate networks.
Use firewalls and segmentation.
Apply compensating controls.

Question 12

Networking and Security Tools

Answer 12

Firewalls:
Unified Threat Management (UTM):
Next-Generation Firewalls (NGFW):

Question 13

Firewalls

Answer 13

Control traffic based on Access Control Lists (ACLs).
Types: Packet filtering, stateful, proxy, kernel proxy.

Question 14

Unified Threat Management (UTM)

Answer 14

All-in-one security devices (firewall, antivirus, intrusion prevention, etc.).
Advantages: Lower costs, easier management.
Disadvantages: Single point of failure, less efficient.

Question 15

Next-Generation Firewalls (NGFW)

Answer 15

Use efficient engines for deep traffic inspection.
Suitable for performance-focused environments.

Question 16

Remote Access Protocols

Answer 16

Telnet: Plain text, insecure.
SSH: Encrypted, secure alternative to Telnet.
RDP: GUI-based remote access for Windows.
VNC: Cross-platform GUI access.
TTY: Command-line interface emulation.

Question 17

Monitoring Tools

Answer 17

Syslog: Logs events for network devices.
- Modern versions support TCP, TLS, and authentication.

SNMP: Monitors network-attached devices.

Question 18

Load Balancers

Answer 18

Function:
- Distributes traffic across multiple servers.
Prevents server overload and enhances efficiency.

DDoS Mitigation:
- Techniques: Blackholing, IPS, Elastic Cloud Infrastructure.
- Examples: Amazon, GitHub surviving large-scale DDoS attacks.

Question 19

CIA Triad

Answer 19

(Confidentiality, Integrity, Availability):
Understand how availability is prioritized in OT and ICS environments.

Question 20

Key Concepts and Exam Tips

Answer 20

CIA Triad (Confidentiality, Integrity, Availability):
Understand how availability is prioritized in OT and ICS environments.
Network Segmentation:
Crucial for isolating vulnerable systems (e.g., legacy systems).
System Security:
Apply compensating controls when updates are unavailable.
Prioritize real-time responses for critical applications (e.g., RTOS).
Device-Specific Characteristics:
Know the distinctions between PLCs, RTOS, SoC, and standard systems.