Which of the following weaknesses associated with common SCADA systems are the MOST critical for organizations to address architecturally within their networks? (Choose two.)
A.
Boot processes that are neither measured nor attested
Option B, Legacy and unpatchable systems software, is a critical weakness because many SCADA systems rely on older technologies and software that are no longer supported by the vendors or are difficult to update or patch. As a result, these systems can be vulnerable to known and unknown exploits that can be easily exploited by attackers.
Option E, Unauthenticated commands, is also a critical weakness because SCADA systems often use proprietary protocols and commands that are not authenticated or encrypted, making it easy for attackers to inject unauthorized commands and manipulate the system.
Why Not D?
D could also be a critical weakness for SCADA systems. However, it is not as commonly exploited as the other vulnerabilities listed in the answer choices. The lack of OS kernel mandatory access controls means that the SCADA system may not have sufficient security controls in place to prevent unauthorized access or changes to the system. This could potentially lead to system compromise or damage. However, the other vulnerabilities listed in the answer choices are more commonly exploited by attackers to compromise SCADA systems.
Usually SCADA is air gapped. it is quite hard to upgrade do the operation requirement of OT Networks. the most critical would be the open ports and unauthenticated commands.
Usually SCADA is air gapped. it is quite hard to upgrade do the operation requirement of OT Networks. the most critical would be the open ports and unauthenticated commands.
Legacy software
One of the biggest problems for ICS/SCADA systems is that they often run on legacy software that lacks sufficient security. Most of this type of software doesn’t implement security fundamentals such as user/system authentication and data integrity checking features, allowing attackers to carry out a broad range of attacks against the ICS components.
Networking issues
It is very common to find internet-facing ICS/SCADA systems that are not properly protected and hosted on a misconfigured network. In many cases, firewalls employed as a defense measure for the industrial networks fail to detect/block malicious activity launched by external attackers, allowing them to access the OT systems.
In some cases, SCADA systems are connected to unaudited dial-up lines, or operators of the industrial environment have wrongly configured remote-access servers that could give attackers a path to access to the OT network as well as the corporate LAN.
GPT-4: In the context of a cybersecurity exam, the most critical weaknesses associated with common SCADA systems that organizations should address architecturally within their networks are:
B. Legacy and unpatchable systems software - Legacy and unpatchable systems software is a high-risk vulnerability as it is often outdated and unsupported, making it an easy target for attackers. Organizations should prioritize replacing legacy systems with updated versions or implementing compensatory controls to minimize the risks.
C. Unnecessary open ports and protocols - Unnecessary open ports and protocols can provide attackers with entry points to exploit vulnerabilities in the system. Organizations should regularly scan their networks to identify and close any unnecessary open ports and protocols to reduce the attack surface.
While the other options listed in the question are also weaknesses associated with SCADA systems, addressing legacy systems and unnecessary open ports and protocols are considered the most critical and should be given the highest priority.
The most critical weaknesses associated with common SCADA systems for organizations to address architecturally within their networks are:
B. Legacy and unpatchable systems software
E. Unauthenticated commands
After reviewing again.. I am changing to BE. B is a given, and E is on the list of critical issues.
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.CS0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Kashim
Highly Voted 2 years, 1 month agoAdji91
2 years, 1 month agokhrid4
2 years, 1 month agoID77
Most Recent 7 months agozecomeia_007
8 months, 1 week agonovolyus
1 year, 4 months agoDree_Dogg
1 year, 7 months agoBig_Dre
1 year, 7 months agoPOWNED
1 year, 8 months agokarpal
1 year, 10 months agokarpal
1 year, 10 months agoadrian1188
1 year, 11 months agojustauser
2 years agoAlizade
2 years agoCookieman
2 years ago2Fish
2 years, 1 month agoAdji91
2 years, 1 month ago2Fish
2 years ago