ICS410: ICS/SCADA Security Essentials
Exam Prep
Section 1: Basics of ICS/SCADA
1. Question: What does ICS stand for?
o Answer: Industrial Control Systems.
2. Question: What is the primary purpose of a SCADA system?
o Answer: To monitor and control industrial processes in real-time.
3. Question: Name three core components of a SCADA system.
o Answer: Human-Machine Interface (HMI), Remote Terminal Units (RTUs),
Programmable Logic Controllers (PLCs).
4. Question: How do SCADA systems typically communicate with field devices?
o Answer: Using communication protocols such as Modbus, DNP3, or OPC.
5. Question: What is the difference between SCADA and Distributed Control Systems (DCS)?
o Answer: SCADA is used for long-distance monitoring and control, while DCS is used
for local control within a facility.
6. Question: Define “supervisory control” in SCADA.
o Answer: The ability to monitor and control field devices remotely via a centralized
system.
7. Question: What is the role of an HMI in a SCADA system?
o Answer: To provide a graphical interface for operators to interact with the control
system.
8. Question: What does an RTU do?
o Answer: It collects data from sensors and sends it to the SCADA system.
9. Question: What is a PLC?
o Answer: A Programmable Logic Controller used for automating control of
machinery.
10. Question: Describe telemetry in the context of SCADA.
o Answer: The process of transmitting data from remote sensors to a central
monitoring system.
11. Question: What are control loops in ICS?
o Answer: Systems that regulate processes by measuring and adjusting variables to
maintain setpoints.
, 12. Question: What is a typical application of SCADA systems?
o Answer: Water treatment facilities, power generation, and oil and gas distribution.
13. Question: Define “field device” in an ICS context.
o Answer: Any sensor or actuator located in the field that interacts with the physical
process.
14. Question: What is a communication protocol?
o Answer: A set of rules governing data transmission between devices.
15. Question: What is the function of a data historian in SCADA?
o Answer: To store and retrieve time-series data from industrial processes for
analysis.
Section 2: Security Threats and Vulnerabilities
16. Question: What is a common cyber threat to ICS/SCADA systems?
o Answer: Malware attacks, including ransomware.
17. Question: Define “air gap” as it relates to ICS security.
o Answer: A security measure that isolates a network from other networks to prevent
unauthorized access.
18. Question: What is a zero-day vulnerability?
o Answer: A security flaw that is unknown to the vendor and has no available patch.
19. Question: What is social engineering?
o Answer: Manipulating individuals to divulge confidential information.
20. Question: How can insider threats impact ICS security?
o Answer: Employees may intentionally or unintentionally compromise security.
21. Question: What is a denial-of-service (DoS) attack?
o Answer: An attack that makes a system or network unavailable by overwhelming it
with traffic.
22. Question: What role do unpatched vulnerabilities play in ICS security?
o Answer: They can be exploited by attackers to gain unauthorized access.
23. Question: What is a common method of data exfiltration in ICS attacks?
o Answer: Transmitting sensitive data out of the network, often via malware.
24. Question: What is the significance of default passwords in ICS devices?
o Answer: Default passwords are often well-known and can be easily exploited by
attackers.
25. Question: Describe the implications of using weak encryption in ICS communications.
Exam Prep
Section 1: Basics of ICS/SCADA
1. Question: What does ICS stand for?
o Answer: Industrial Control Systems.
2. Question: What is the primary purpose of a SCADA system?
o Answer: To monitor and control industrial processes in real-time.
3. Question: Name three core components of a SCADA system.
o Answer: Human-Machine Interface (HMI), Remote Terminal Units (RTUs),
Programmable Logic Controllers (PLCs).
4. Question: How do SCADA systems typically communicate with field devices?
o Answer: Using communication protocols such as Modbus, DNP3, or OPC.
5. Question: What is the difference between SCADA and Distributed Control Systems (DCS)?
o Answer: SCADA is used for long-distance monitoring and control, while DCS is used
for local control within a facility.
6. Question: Define “supervisory control” in SCADA.
o Answer: The ability to monitor and control field devices remotely via a centralized
system.
7. Question: What is the role of an HMI in a SCADA system?
o Answer: To provide a graphical interface for operators to interact with the control
system.
8. Question: What does an RTU do?
o Answer: It collects data from sensors and sends it to the SCADA system.
9. Question: What is a PLC?
o Answer: A Programmable Logic Controller used for automating control of
machinery.
10. Question: Describe telemetry in the context of SCADA.
o Answer: The process of transmitting data from remote sensors to a central
monitoring system.
11. Question: What are control loops in ICS?
o Answer: Systems that regulate processes by measuring and adjusting variables to
maintain setpoints.
, 12. Question: What is a typical application of SCADA systems?
o Answer: Water treatment facilities, power generation, and oil and gas distribution.
13. Question: Define “field device” in an ICS context.
o Answer: Any sensor or actuator located in the field that interacts with the physical
process.
14. Question: What is a communication protocol?
o Answer: A set of rules governing data transmission between devices.
15. Question: What is the function of a data historian in SCADA?
o Answer: To store and retrieve time-series data from industrial processes for
analysis.
Section 2: Security Threats and Vulnerabilities
16. Question: What is a common cyber threat to ICS/SCADA systems?
o Answer: Malware attacks, including ransomware.
17. Question: Define “air gap” as it relates to ICS security.
o Answer: A security measure that isolates a network from other networks to prevent
unauthorized access.
18. Question: What is a zero-day vulnerability?
o Answer: A security flaw that is unknown to the vendor and has no available patch.
19. Question: What is social engineering?
o Answer: Manipulating individuals to divulge confidential information.
20. Question: How can insider threats impact ICS security?
o Answer: Employees may intentionally or unintentionally compromise security.
21. Question: What is a denial-of-service (DoS) attack?
o Answer: An attack that makes a system or network unavailable by overwhelming it
with traffic.
22. Question: What role do unpatched vulnerabilities play in ICS security?
o Answer: They can be exploited by attackers to gain unauthorized access.
23. Question: What is a common method of data exfiltration in ICS attacks?
o Answer: Transmitting sensitive data out of the network, often via malware.
24. Question: What is the significance of default passwords in ICS devices?
o Answer: Default passwords are often well-known and can be easily exploited by
attackers.
25. Question: Describe the implications of using weak encryption in ICS communications.
