Security Program Requirements for IACS Service Providers Flashcards

1
Q

What is a service provider?

A

Individual or organization that provides a specific support service and associates supplies

  • Integration Service Provider
  • Maintenance Service Provider
  • Concept includes Product Suppliers
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which chapter of ISA/IEC 62443 contains the requirements for service providers?

A

62443-2-4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

ISCI

A

ISA Security Compliance Institute

Manages ISASecure conformance certification program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Definition

Performs activities that mantain and service Automation Solutions according to asset owner requirements

A

IACS Maintenance Service Provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Key philosophy of secure product life-cycle

A

Defense-in-Depth Strategy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

One of the four IACS components types, includes PLCs and IEDs

A

Embedded Device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Provides capabilities to implement/deploy Automation Solutions

A

IACS Integrator Service Provider

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Manufacturer of hardware and/or software product

A

IACS Product Suppier

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which IACS Cybersecurity Lifecycle actor designs and manufactures COTS control systems?

A

Suppliers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

True or False

The primary goal of Product Security Development Life-Cycle Requirements is to provide a framework which addresses secure by design, a defense-in-depth approach, as well as the building, maintaining, and retiring products.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

True or False

The audience for ISA 62443 Part 4-2 includes integrators and product suppliers

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

True or False

ISASecure independently certifies IACS products and systems to ensure that they are robust against network attacks and free from known vulnerabilites.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

True or False

Integration service provider activities generally occur starting with the design phase and then ending in handover of the Automation Solution to the asset owner.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly