Exam (worked answers)

Well elaborated ISA 62443 Cybersecurity Fundamentals Exam IC32

Pages: 10
Grade: A+
Uploaded on: 07-05-2025
Written in: 2024/2025

What does ISA-62443 1-1 Cover? - ANSWERS: Basic concepts and models related to cybersecurity. The difference between IT and IACS, Defense-in-Depth and Security zones and conduits.

The difference between IT and IACS - ANSWERS: IACS cybersecurity has to address issues of health, safety and environment (HSE).
IT - Confidentiality - Integrity - Availability.
IACS - Availability - Integrity - Confidentiality.
With IACS there are lives on the line - downtime/rebooting not acceptable.

COTS - ANSWERS: Commercial off the shelf

Defence in Depth - ANSWERS: Layered Security (order doesn't matter, this is an example):
Physical Security
Policies and Procedures
Zones & Conduits
Malware Prevention
Access Controls
Monitoring & Detection
Patching

Risk equation - ANSWERS: Risk = Threat x Vulnerability x Consequence

5 Risk Responses - ANSWERS:
1. Design the risk out
2. Reduce the risk
3. Accept the risk
4. Transfer or share the risk
5. Redesign ineffective controls

What requires continuous operation, may not tolerate rebooting and may require certification after any changes - ANSWERS: IACS

What is Shodan? - ANSWERS: Online service which has done a full port scan of the entire IPv4 Internet

What is a regulation? - ANSWERS: Mandatory rules to follow

What is a standard? - ANSWERS: Standards are voluntary codes for which there are no legal obligations to comply. Possibility of getting sued if negligent

Normative standard? - ANSWERS: Normative elements are indicated by the use of the words "shall" or "must"

Informative standard? - ANSWERS: The informative elements provide clarification or additional information like guidelines

What is ISA99? - ANSWERS: Committee that makes standards across industries

What are the 4 work product organization (Groups) of the ISA 62443 standards? - ANSWERS:
1. General
2. Policies & Procedures
3. System
4. Component

Are TRs normative or informative? - ANSWERS: Informative

ISA-62443-1-1 - ANSWERS: Concepts and Models

ISA-62443-2-1 - ANSWERS: Security program requirements for IACS asset owners

- ANSWERS

- ANSWERS

- ANSWERS

- ANSWERS

- ANSWERS

- ANSWERS

ISA-62443-3-3 - ANSWERS: System security requirements and security levels

3 most important 62443 primary groups - ANSWERS:
1-1
2-1
3-3

IEC - ANSWERS: International Electrotechnical Commission

ISO - ANSWERS: International Organization for Standardization

ISA99 Membership types - ANSWERS:
1. Information - Draft but no voting
2. Voting - must vote and only 1 per company
3. Alternate - Voting backup

Explain the IACS Cybersecurity Lifecycle and the activities in each phase. - ANSWERS:
1. Assess (Assign a SL-T) (IC33)
2. Develop and implement (Countermeasures implemented to meet SL-T) (IC34)
3. Maintain (Ensure countermeasures maintain or exceed SL-A) (IC37)

Discuss the IACS Automation Solution Security Lifecycle from ISAGCA. - ANSWERS: This lifecycle assigns responsibilities and accountability to each member involved in an IACS, including Owner, Supplier, Integrator and Maintainer. Specification, Design, Implementation, Verification and validation, Operation, Maintenance and Decommissioning

Asset model - ANSWERS: Describes relationships between assets within an IACS. Starts at a high level 4,3,2,1,0 e.g. control equipment down to sensors. Explicitly includes networks and ancillary equipment. Generic enough to apply to any control system.

Reference model (list order of numbers) - ANSWERS: Overall conceptual basis for the more detailed models. Goes from level 4 overview to level 0 process

Reference architecture model - ANSWERS: Describes the specific configuration of assets in a control system using the asset model (Architecture key word) (unique for each system)

Zone model groups - ANSWERS: Reference architecture elements according to defined characteristics (zone and conduits)

Security zone - ANSWERS: Logical grouping of physical, informational and application assets sharing common security requirements. Zones must have a logical border where a device controls traffic in and out, e.g. router/firewall

Conduit - ANSWERS: Communication channel between zones. Conduits crossing zones must use secure end-to-end encryption.

SL-T? - ANSWERS: Security level target

Security level - ANSWERS: It's a measure of confidence that the industrial automation control system is free from vulnerabilities and functions in the intended manner. Goes from SL 0 (low) to SL 4 (high).

SL 0 - ANSWERS: No specific requirements or security protection necessary

SL 1 - ANSWERS: protect against casual or coincidental violation

SL 2 - ANSWERS: protection against intentional violation using simple means with low

Seller: muchiracalorine, waldern university