GRID ICS Security Standards and Compliance 3

Question 1

NERC CIP-004 requires personnel risk assessments for individuals who have which type of access?

Accepted Answer

Unescorted physical or electronic logical access to BES Cyber Systems

Answer

Access to any IT or corporate network resource

Answer

Administrative access to business email systems only

Answer

Remote access to corporate VPN for teleworking

Question 2

Which IEC 62443 document tier focuses on 'Policies and Procedures' at the operational level rather than system or component requirements?

Accepted Answer

Series 2 (Policies and Procedures)

Answer

Series 1 (General)

Answer

Series 3 (System Requirements)

Answer

Series 4 (Component Requirements)

Question 3

When applying NIST SP 800-82 guidance, 'defense-in-depth' for ICS primarily means:

Accepted Answer

Layering multiple security controls so that failure of one control does not compromise the whole system

Answer

Deploying a single high-assurance firewall at the network boundary

Answer

Relying on physical security as the only necessary protection layer

Answer

Encrypting all OT communications with military-grade algorithms

Question 4

Under NERC CIP-010, 'Configuration Change Management' requires entities to maintain baseline configurations for BES Cyber Systems. What is the primary reason for this requirement?

Accepted Answer

To detect unauthorized changes that could indicate a security compromise or introduce vulnerabilities

Answer

To enable faster software upgrades and patch deployment

Answer

To reduce operational costs by standardizing hardware across substations

Answer

To comply with OSHA workplace safety standards for electrical equipment

Question 5

IEC 62443-3-3 defines 'Foundational Requirements' (FRs) for IACS. Which of the following is one of the seven FRs?

Accepted Answer

Use Control (UC) — restricting system functionality to authorized users and devices

Answer

Mandatory antivirus deployment on all OT endpoints

Answer

Annual penetration testing of all control system components

Answer

Encryption of all HMI-to-PLC communications using TLS 1.3

Question 6

NERC CIP-009 addresses Incident Response plans for BES Cyber System incidents. Which of the following is a specific requirement under CIP-009?

Accepted Answer

Testing the incident response plan at least once every 15 months through an exercise or tabletop

Answer

Mandatory reporting of all cyber incidents to the FBI within 1 hour

Answer

Deployment of a Security Operations Center (SOC) at every substation

Answer

Automatic isolation of compromised BES assets using AI-driven tools

Question 7

When an ICS environment must comply with both NERC CIP and IEC 62443, which approach best resolves overlapping requirements?

Accepted Answer

Implement the stricter of the two requirements for each control area so both standards are simultaneously satisfied

Answer

Apply whichever standard is less restrictive to minimize compliance cost

Answer

Treat the standards as mutually exclusive and choose only one to follow

Answer

Request a regulatory waiver to use only IEC 62443 in place of NERC CIP