ISA-IEC-62443試験無料問題集（90題）「ISA/IEC 62443 Cybersecurity Fundamentals Specialist 認定」

出題：1

Which of the following is the BEST example of detection-in-depth best practices?
Available Choices (select all choices that are correct)

A. Role-based access control and VPNs

B. Firewalls and unexpected protocols being used

C. Role-based access control and unusual data transfer patterns

D. IDS sensors deployed within multiple zones in the production environment

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which of the following is a trend that has caused a significant percentage of security vulnerabilities?
Available Choices (select all choices that are correct)

A. IACS using equipment designed for measurement and control

B. IACS becoming integrated with business and enterprise systems

C. IACS developing into a network of air-gapped systems

D. IACS evolving into a number of closed proprietary systems

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which of the following is an activity that should trigger a review of the CSMS?
Available Choices (select all choices that are correct)

A. Budgeting

B. Security incident exposing previously unknown risk.

C. New technical controls

D. Organizational restructuring

正解：B,C,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

The Risk Analysis category contains background information that is used where?
Available Choices (select all choices that are correct)

A. Only the Assessment element

B. (Elements external to the CSMS

C. Many other elements in the CSMS

D. Only the Risk ID element

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

In a defense-in-depth strategy, what is the purpose of role-based access control?
Available Choices (select all choices that are correct)

A. Ensures that users correctly manage their username and password

B. Ensures that users can access systems from remote locations

C. Ensures that users can access only the functions they need for their job

D. Ensures that users can access only certain devices on the network

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Which is one of the PRIMARY goals of providing a framework addressing secure product development life-cycle requirements?
Available Choices (select all choices that are correct)

A. Defense-in-depth approach to designing

B. Aligned needs of industrial users

C. Aligned development process

D. Well-documented security policies and procedures

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which of the following is the BEST reason for periodic audits?
Available Choices (select all choices that are correct)

A. To confirm audit procedures

B. To adhere to a published or approved schedule

C. To meet regulations

D. To validate that security policies and procedures are performing

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

What are the two sublayers of Layer 2?
Available Choices (select all choices that are correct)

A. HIDS and NIDS

B. OPC and DCOM

C. LLC and MAC

D. VLAN and VPN

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Which is the PRIMARY objective when defining a security zone?
Available Choices (select all choices that are correct)

A. All assets in the zone must be at the same level in the Purdue model.

B. All assets in the zone must be physically located in the same area.

C. All assets in the zone must be from the same vendor.

D. All assets in the zone must share the same security requirements.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

ISA-IEC-62443試験無料問題集「ISA/IEC 62443 Cybersecurity Fundamentals Specialist 認定」