Using the ISA/IEC 62443 Standards to Secure Your Control Systems (IC32)

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

©Copyright International Society of Automation (ISA) 2025. All rights reserved.
Artificial Intelligence Notice: ISA prohibits the entry of ISA standards and related ISA intellectual property (“ISA IP”) into any form of Artificial Intelligence (AI) tools, such as ChatGPT. Additionally, creating derivatives of ISA IP using AI is also prohibited without express written permission from ISA’s CEO. In the case of such use, ISA will suspend a licensee’s access to ISA IP, and further legal action will be considered. Please review ISA's Terms and Conditions for further information.

1. What is the primary function of a firewall?
*

a. Block all internet traffic

b. Detect network intrusions

c. Filters network traffic

d. Authenticate users

2. Inter-network connection device that restricts data communication traffic between two connected networks is called a(n) _____________.
*

a. IDS

b. Firewall

c. Router

d. Anti-virus software

3. A robust and enterprise-wide awareness and training program is paramount to __________.
*

a. Protecting the IACS from different threat actors

b. Ensuring that all risks are mitigated

c. Ensuring that people understand their IT (and OT) security responsibilities, organizational policies, and how to properly use and protect the IT (OT) resources entrusted to them

d. Optimizing the IDS with the latest signatures

4. Implementation of policy involves __________.
*

a. Creating appropriate and cost-effective policy

b. Communicating the policy to the organization

c. Training personnel in the organization

d. All of the above

5. Which port is used by MODBUS TCP?
*

a. It is not defined

b. Depends on the operating system

c. TCP port 502

d. TCP port 520

6. What are the three main phases of the IACS Cybersecurity Lifecycle?
*

a. Assess, develop & mitigate and maintain

b. Design, implement and maintain

c. Assess, develop & implement and maintain

d. Design, mitigate, and maintain

7. Which of the following is the correct risk equation?
*

a. Risk = Threat x Asset x Consequence

b. Risk = Threat x Vulnerability x Cost

c. Risk = Threat agent x Threat x Vulnerability

d. Risk = Threat x Vulnerability x Consequence

8. The desired level of security for a system is known as the __________.
*

a. Target security level

b. Achieved security level

c. Capability security level

d. Protection level

9. An unscheduled activity, such as a security incident exposing unknown risk may trigger __________.
*

a. An immediate call to the police

b. A review of the CSMS

c. Hardening of all OT equipment

d. A recalculation of the CRRF

10. An Intrusion Detection System (IDS) is an example of what method of treating risk?
*

a. Detect

b. Deter

c. Defend

d. Defeat

11. Security service system that monitors and analyzes system events for the purpose of finding and providing a real-time or near real-time warning of attempts to access system resources in an unauthorized manner is called a(n) __________.
*

a. IDS

b. Firewall

c. Router

d. Anti-virus software

12. What is the name of the firewall feature that analyzes protocols at the application layer to identify malicious or malformed packets?
*

a. Stateful inspection

b. Deep packet inspection

c. Packet filter

d. Layer 3 check

13. A three-tier network segmentation design that prevents direct communication between the enterprise network and the process control network by creating a buffer is also known as a(n) __________.
*

a. Zones and conduits

b. Perimeter firewall

c. ICS firewall

d. DMZ

14. Which of the following are the main elements of the NIST CSF Framework?
*

a. Identify, protect, detect, respond and rephrase

b. Identify, protect, defend, detect and respond

c. Identify, protect, detect, remediate and recover

d. Identify, protect, detect, respond and recover

15. What are the main types of intrusion detection systems?
*

a. Perimeter intrusion detection & network intrusion detection

b. Host intrusion detection & network intrusion detection

c. Host intrusion detection & intrusion prevention systems

d. Intrusion prevention & network intrusion detection

16. What is the desired outcome of the "initiate a CSMS program" activity?
*

a. Conceptual diagrams that show how an AD forest can be attacked

b. Obtain leadership commitment, support and funding

c. Identify software agents used by threat agents to propagate attacks

d. Conduct periodic IACS conformance audits

17. Which of the following is NOT a network device hardening best practice?
*

a. Install latest firmware updates

b. Shut down unused physical interfaces

c. Enable logging, collect logs (e.g. Syslog) and review regularly

d. Use Telnet for remote management

18. Which of the following is an example of dual-factor authentication?
*

a. Username and password

b. Digital certificate and smart card

c. Fingerprint and retinal signature

d. Fingerprint and smart card

19. A network that uses a public telecommunication infrastructure, such as the Internet, to provide remote networks or computers with secure access to another network is known as a ______________.
*

a. VLAN

b. VSAT

c. VPN

d. VNC

20. If a virus shuts down an industrial network by overloading the Ethernet switches, which basic information security property is affected?
*

a. Integrity

b. Confidentiality

c. Availability

d. Reliability

Submit

Clear form

This form was created inside of International Society of Automation.

Does this form look suspicious? Report

Forms