This is a horrible question. Almost all could be the answer:
Another vulnerability is due to lack of sufficient security checks in the MODBUS/TCP protocol implementation. The protocol specification does not include an authentication mechanism for validating communication between MODBUS master and slave devices. This flaw could allow an unauthenticated, remote attacker to issue arbitrary commands to any slave device via a MODBUS master.
An attacker creates a specially crafted packet longer than 260 bytes and sends it to a MODBUS client and server. If the client or server were programmed incorrectly, this could lead to a successful buffer overflow or denial-of-service attack.
The easiest attack to use against Modbus is to simply sniff the traffic on a network, find the Modbus devices and then issue harmful commands to the Modbus devices.
https://www.radiflow.com/blog/hack-the-modbus/
C. Remote code execution, buffer overflow, and certificate spoofing attacks require more expertise and time to carry out successfully. However, unauthenticated commands pose the greatest likelihood of quick success against Modbus assets.
I am going to sway for A here. To be honest all of them are plausible
https://resources.infosecinstitute.com/topic/ics-scada-threats-and-threat-actors/
At least I have some backup to what is only my opinion so don't nail me to the cross so easily my friend. On reflection, reading through TheSkyMan's resource it also stands a good chance of being C. Too many sheep on here mate that want to memorize answers and pass an exam, I am old school and need to know the why!! So if you are going to swear by an answer, have something to back it up with because other than that your statement is on subjective.
Modbus messages can also be sent over Ethernet or TCP/IP. Remote code execution (RCE) attacks allow an attacker to remotely execute malicious code on a computer. The impact of an RCE vulnerability can range from malware execution to an attacker gaining full control over a compromised machine.
I go with Option C has it tends more towards one of the vulenrabilities of Modbus systems - authentication.
There is no authentication method for the Modbus TCP protocol to verify communication between MODBUS master and slave devices. A remote, unauthenticated attacker might take advantage of this exploit to send arbitrary commands through a MODBUS master to any slave device.
I'm leaning toward C. The Modbus protocol lacks security and heavily relies on command input (i.e. diagnostic commands).
https://www.radiflow.com/blog/hack-the-modbus/
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CS0-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
david124
Highly Voted 2 years, 5 months agonomad421
Most Recent 1 year, 11 months ago2Fish
2 years, 1 month agoStiobhan
2 years, 2 months agoJoshgip95
2 years, 2 months agoStiobhan
2 years, 1 month agoHNICA
2 years, 4 months agohaykaybam
2 years, 6 months agoAdrian831
2 years, 7 months agoTheSkyMan
2 years, 7 months ago