Switchyard Access

Question 1

What role does NERC play in relation to CIP Standards

Answer 1

NERC develops CIP Standards

Question 2

What role does WECC play in relation to CIP Standards

Answer 2

WECC enforces CIP Standards

Question 3

What role does FERC play in relation to CIP Standards

Answer 3

FERC regulates CIP Standards

Question 4

What body has the legal authority to enforce compliance with NERC reliability standards?

Answer 4

WECC

Question 5

NERC is the acronym for:

Answer 5

North American Electric Reliability Corporation

Question 6

What CIP Standard addresses training requirements?

Answer 6

CIP-004

Question 7

What CIP Standard addresses physical security

Answer 7

CIP-006

Question 8

Network devices that make up the logical border surrounding the assets critical to the Bulk Electric System (BES) is known as

Answer 8

Electronic Security Perimeter (ESP)

Question 9

What CIP Standard addresses the Electronic Security Perimeter?

Answer 9

CIP-005

Question 10

What CIP Standard addresses Systems Security Management?

Answer 10

CIP-007

Question 11

What action do you need to take if an ODN task is infeasible without the use of removable media?

Answer 11

File for an exemption and as a first step complete the correct form on the PG&E Intranet

Question 12

Why is unapproved software regarded as a threat to security?

Answer 12

It may interfere with the proper operation of PG&E systems

Question 13

A breach in cyber security could lead to

Answer 13

Loss of productivity

Question 14

List two ways entrances and exits are controlled

Answer 14

1. Automatic gates are controlled via phone, keycard, station key or remote control.
2. Facilities are surrounded by a chain-link fence with gates that are to remain locked when authorized personnel are not present.

Question 15

List 4 ways that automatic gates are controlled

Answer 15

phone, keycard, station key or remote control

Question 16

What must be entered into the log book upon entering a facility

Answer 16

Name, affiliation, entry and exit times

Question 17

Name 3 possible security problems at facilities

Answer 17

Unauthorized visitors or trespassers
Fences may be cut, washed away or otherwise breached
Buildings may be vandalized or broken into.

Question 18

What CIP Standards specifically address access control?

Answer 18

CIP-003, CIP-004, CIP-005, CIP-006

Question 19

How long can a door be held open before an alarm is received?

Answer 19

20 seconds

Question 20

Name two methods used to protect information

Answer 20

Assigning a sensitivity level to information

Using good password practices

Question 21

Name two ways to protect information

Answer 21

Don’t leave work orders in copy rooms

Only release or share information on a business “need to know” basis

Question 22

Name three events that should be reported as cyber security incidents

Answer 22

Unexplained account lockouts
Unknown network connections
Outages impacting critical operations

Question 23

Cyber security incidents must be reported to

Answer 23

Electric Sector Information Sharing and Analysis Center (ES-ISAC)

Question 24

How often must the Cyber Security Incident Response Plan be updated?

Answer 24

Within 30 calendar days of any changes

Question 25

What CIP Standard specifically addresses Recovery of Assets?

Answer 25

CIP-009