In this article, you will find the industrial control system (ICS) cyber security multiple choice questions and answers (MCQ).
Cyber Security Multiple Choice Questions
The below list provides the objective questions related to the cybersecurity of the IACS system.
Answers are available at the bottom of the article.
1. What is IPS?
| A) | Intrusion Protection System |
| B) | Instrumentation Protection System |
| C) | Intrusion Patching System |
| D) | Intrusion Prevention System |
2. Which of the statements is/are correct?
| A) | Use of cryptography can add latency in network |
| B) | Cryptography can provide confidentiality and integrity to data |
| C) | Use of cryptography can support data security |
| D) | All of these answers |
3. How many foundational requirements are stated in 62443?
| A) | 8 |
| B) | 4 |
| C) | 3 |
| D) | 7 |
4. Which cyberattack happened by hacking the radio communication?
| A) | Colonial Pipeline |
| B) | New York Dam |
| C) | Maroochy Shire |
| D) | Worcester Air Traffic |
5. What are four major essential components of network security?
| A) | IPS, Firewall, NAC, SIEM |
| B) | IPS, Network Switch, SIEM, IDS |
| C) | Router, IDS, NAC, HMI |
| D) | IDS, IPS, Server, Router |
6. Which one is not an SIS System?
| A) | VAV Box |
| B) | Fire & Gas Systems (FGS) |
| C) | Emergency Shut down (ESD) |
| D) | Process Safety Shutdown (PSS) |
7. Which of the following technologies are being used for secure remote access?
| A) | NAC |
| B) | All of these answers |
| C) | SSL VPN |
| D) | PAM |
| E) | IPSEC VPN |
8. Which one of the following is not an endpoint protection technology?
| A) | Anti-Virus |
| B) | XDR |
| C) | EDR |
| D) | SIEM |
9. What components we can secure by implementing cybersecurity controls on it directly?
| A) | Firewalls |
| B) | Optical Patch Panel |
| C) | HMI |
| D) | Historian |
10. Conversion of Cypher text to plain text?
| A) | Simple Text |
| B) | Decryption |
| C) | Encryption |
| D) | None of these answers |
11. Industroyer malware was used for which cyberattack?
| A) | Ukrainian Power Grid |
| B) | German Steel Mill Attack |
| C) | Colonial Pipeline |
| D) | New York Dam |
12. Which one is not a foundational requirement as per IEC 62443?
| A) | Resource Unavailability |
| B) | Use Control |
| C) | Data Confidentiality |
| D) | Restricted Data Flow |
13. Which of the statements is correct in the context of IPS and IDS?
| A) | IDS can be implemented in line |
| B) | IDS uses SPAN traffic |
| C) | IPS uses SPAN traffic |
| D) | IPS can be implemented in the bypass line |
14. What are the types of IDS based on the type of detection and implementation?
| A) | HIDS & NIDS |
| B) | Signature Based |
| C) | Anomaly Based |
| D) | All of these answers |
15. Which of the following is not a network discovery protocol?
| A) | LDAP |
| B) | LLDP |
| C) | ICMP |
| D) | SNMP |
16. What are the benefits of segmentation?
| A) | Improve Operational Performance |
| B) | Limit Cyberattack Damage |
| C) | Protect Vulnerable Devices |
| D) | Reduce the scope of compliance |
| E) | All of these answers |
17. Which is incorrect from the following statement in context to resource availability?
| A) | By resource availability, we can remove the single point of failure. |
| B) | DoS attacks on the control system doesn’t impact its availability. |
| C) | Redundancy ensures that the system can operate in case of DoS attacks. |
| D) | Ensuring backup systems is also part of resource availability |
18. Which devices or technologies are used for segmentation?
| A) | Virtual Local Area Networks |
| B) | All of these answers |
| C) | Firewalls |
| D) | Unidirectional Gateways |
19. What is correct in context to SIEM?
| A) | Security information and management |
| B) | Security intimation and event management |
| C) | Security information and event management |
| D) | Security event management |
20. What is the correct sequence for identification and authentication?
| A) | Authorization> Authentication> Identification |
| B) | Authorization >Identification> Authentication |
| C) | Identification>Authorization>Authentication |
| D) | Identification> Authentication>Authorization |
21. Which one is correct in terms of the functionalities of SIEM?
| A) | Correlation |
| B) | Retention |
| C) | All of these answers |
| D) | Incident Response |
| E) | Alerting |
22. What are the reasons that cause security problems in control system architectures?
| A) | Increasing dependency on automation and control systems. |
| B) | All of these answers |
| C) | Insecure connectivity to external networks |
| D) | Usage of technologies with known vulnerabilities. |
23. Which one is incorrect?
| A) | In IT Systems reboot is not acceptable |
| B) | In OT fault tolerance is essential. |
| C) | IT systems have confidentiality and integrity as a priority |
| D) | OT Systems are time critical |
24. A hacker guessing the suggested password to a program is called as?
| A) | Password guessing |
| B) | Dictionary Attack |
| C) | Default password attack |
| D) | None of these answers |
25. Which one of the following is not a DCS:
| A) | SPPA-T3000 |
| B) | Siemens S7 |
| C) | Delta V |
| D) | Honeywell Experion |
Click Here for Answers
If you liked this article, then please subscribe to our YouTube Channel for Electrical, Electronics, Instrumentation, PLC, and SCADA video tutorials.
You can also follow us on Facebook and Twitter to receive daily updates.
Next Quiz:
- Measuring Instruments Questions
- Distributed Control System Questions
- Instrumentation and Control Questions
- Circuit Protection Devices Questions
- Transducers Multiple Choice Questions
