Exam (elaborations) IEC 62443-IC33

What type of vulnerability assessment technique involves using exploit tools? - ANSPenetration Testing (Most Invasive) Which vulnerability assessment provides feedback on performance in comparison to industry peers? - ANSGap Assessment (High Level - Least invasive) Which type of assessment may include reviewing document, system walk-thru, traffic analysis, or ARP tables? - ANSPassive Assessment Vulnerability Assessment - ANSDefines, Identifies, Classifies the security vulnerabilities Penetration Testing - ANSExploits vulnerabilities Which type of assessment uses tools to discover devices and vulnerabilities of the IACS? - ANSActive Assessment What type of vulnerability assessment identifies the worst-case unmitigated risk that the SuC presents to the organization? - ANSCyber Risk Assessment Which gap assessment tool was created by the US DHS? - ANSCSET What type of tool is used to capture and display Ethernet communications? - ANSPacket Capture A feature that sends a copy of a network from one or more switch ports to a special monitoring port is called: - ANSPort Mirroring Which computer programs assess computers, computer systems, networks or applications for weaknesses against databases of know vulnerabilities? - ANSNetwork Vulnerability Scanning Tools Nessuss, Nexpose, and Retina are assessment tools used to discover: - ANSSystem Vulnerabilities What is the entity that can manifest a threat? - ANSThreat source What is the term for the likelihood of the threat scenario occurring and leading to the final consequence taking into account all protection measures and cybersecurity countermeasures in place? - ANSMitigated Threat Likelihood (MTL)