Answer A
"They are a critical tool to keep untested or untrusted code from affecting processes, and in limiting the spread of malware and exploits targeting known and unknown vulnerabilities."
https://claroty.com/team82/research/target-dcs-finding-fixing-critical-bugs-in-honeywell-experion-pks
A. Disallow untested code in the execution space of the SCADA device.
This control involves ensuring that only authorized and tested code is allowed to execute on the SCADA device. By disallowing untested code, the risk of malware or unauthorized code execution is reduced, helping to maintain the integrity and security of the SCADA system.
It seems that D is the only realistic answer. I couldn't locate a specific answer, but how can you know if software is untested? A doesn't sound right, seems like D is the most realistic.
https://www.isysl.net/how-stop-malware-attacks-scada-systems
A. Disallow untested code in the execution space of the SCADA device.
SCADA systems are used to control and monitor industrial processes, and they can be vulnerable to malware attacks. One way to reduce device exposure to malware is to disallow untested code in the execution space of the SCADA device. This can be done by only allowing signed or approved code to run on the device, and by implementing access controls to prevent unauthorized code from being loaded onto the device. Additionally, it is important to regularly update and patch the system, monitor the network for any suspicious activity, and have an incident response plan in place.
NIST SP 800-82 Rev. 2 has a variety of recommendations for ICS security, but we highlight some of the most important ones here:
• Apply a risk management process to ICS.
• Segment the network to place IDS/IPS at the subnet boundaries.
• Disable unneeded ports and services on all ICS devices.
• Implement least privilege through the ICS.
• Use encryption wherever feasible.
• Ensure there is a process for patch management.
• Monitor audit trails regularly.
SCADA is part of ICS (Industry Control System)
CISSP Official Study Guide - "Generally, typical security management and hardening process can be applied to ICS, DCS, PLC, and SCADA systems to improve on whatever security is or isn't present in the device from the manufacturer. Common important security controls include isolating networks, limiting access physically and logically, restricting code to only application, and logging all activity."
Disabling the use and support of NetBIOS can help to mitigate an attacker's ability to: poison and spoof responses, obtain a user's hashed credentials, inspect web traffic, etc. Using a command called NBSTAT (link below), an attacker can discover computer names, IP addresses, NetBIOS names, Windows Internet Name Service (WINS) names, session information and user IDs. This information can be used to mount focussed attacks on administrative accounts.