GRID ICS Security Standards and Compliance 3

Question 1

NERC CIP-004 requires personnel risk assessments for individuals who have which type of access?

Accepted Answer

Unescorted physical or electronic logical access to BES Cyber Systems

Answer

CIP-004 mandates personnel risk assessments (background checks) for anyone granted unescorted physical or electronic logical access to BES Cyber Systems to ensure only vetted individuals can interact with critical assets.

Question 2

Which IEC 62443 document tier focuses on 'Policies and Procedures' at the operational level rather than system or component requirements?

Accepted Answer

Series 2 (Policies and Procedures)

Answer

IEC 62443 Series 2 addresses policies, procedures, and the Cybersecurity Management System (CSMS) at the organizational/operational level, distinct from the technical system (Series 3) and component (Series 4) requirements.

Question 3

When applying NIST SP 800-82 guidance, 'defense-in-depth' for ICS primarily means:

Accepted Answer

Layering multiple security controls so that failure of one control does not compromise the whole system

Answer

Defense-in-depth in ICS security means applying multiple, overlapping layers of controls (network segmentation, host hardening, monitoring, physical security) so that a single control failure does not result in a successful attack.

Question 4

Under NERC CIP-010, 'Configuration Change Management' requires entities to maintain baseline configurations for BES Cyber Systems. What is the primary reason for this requirement?

Accepted Answer

To detect unauthorized changes that could indicate a security compromise or introduce vulnerabilities

Answer

Maintaining baselines allows utilities to identify deviations caused by unauthorized or accidental changes, which could introduce vulnerabilities or indicate an active compromise of BES Cyber Systems.

Question 5

IEC 62443-3-3 defines 'Foundational Requirements' (FRs) for IACS. Which of the following is one of the seven FRs?

Accepted Answer

Use Control (UC) — restricting system functionality to authorized users and devices

Answer

Use Control (FR 2) is one of IEC 62443-3-3's seven Foundational Requirements, mandating that only authorized users, software processes, and devices are permitted to use IACS functions, preventing unauthorized operation.

(GRID) GIAC Response and Industrial Defense Practice Test

(GRID) GIAC Response and Industrial Defense Practice Test

GRID ICS Security Standards and Compliance 3