Question 1/59
What type of security level defines what a component or system is capable of meeting?
Available Choices (select all choices that are correct)
Correct Answer: A
According to the IEC 62443 standard, a capability security level (SL-C) is defined as "the security level that a component or system is capable of meeting when it is properly configured and protected by an appropriate set of security countermeasures" [1]. A component or system can have different SL-Cs for different security requirements, depending on its design and implementation. The SL-C is determined by testing the component or system against a set of security test cases that correspond to the security requirements. The SL-C is not dependent on the actual operational environment or configuration of the component or system, but rather on its inherent capabilities.

References:
* IEC 62443 - Wikipedia
