Global Industrial Cyber Security Professional v1.0

Page:    1 / 6   
Exam contains 78 questions

Which of the following is a team of incident responders that often coordinate with organizations and law enforcement to reduce risks and advise on security threats?

  • A. CVE
  • B. COBIT
  • C. CERT
  • D. CVSS


Answer : C

Which of the following is a containment task within the six step incident handling process?

  • A. Checking to ensure that the most recent patches were deployed to a web application server
  • B. Creating a forensic image of a compromised workstation
  • C. Re-imaging a workstation that was exhibiting worm-like behaviour
  • D. Validate fix using a vulnerability scan of the hosts within the DMZ


Answer : B

How are general purpose Programmable Logic Controllers (PLC) different than smart field devices?

  • A. Smart field devices cannot be controlled centrally from a management server
  • B. Programmable Logic Controllers are usually microcontroller-based
  • C. Programmable Logic Controllers have a more limited purpose and function
  • D. Smart field devices contain their own control logic that cannot be changed


Answer : C

An attacker crafts an email that will send a user to the following site if they click a link in the message. What else is necessary for this type of attack to work?
hmi.giac.org/disconnect?sensor=812

  • A. The attacker must obtain a session cookie from an authorized HMI user
  • B. The user clicking the link must be an administrator on the network
  • C. The user must be authenticated to the HMI interface before clicking the link
  • D. The attacker must enclose the URL parameter with <script> tags to run the code


Answer : C

What can be configured on the router so that it can most effectively implement and enforce zones for the shown subnets?

  • A. MAC-based port security
  • B. Access control lists
  • C. Secure Shell
  • D. 802.1x protocol


Answer : B

Which type of device is the following configuration setting from?
deny modbus function write-multiple-holdingregisters

  • A. Network firewall
  • B. NIDS
  • C. SIEM
  • D. Application firewall


Answer : B

What type of physical security control is a procedure that details what to do in the event of a security breach?

  • A. Responsive
  • B. Detective
  • C. Delaying
  • D. Deterrence


Answer : A

For a SQL injection login authentication bypass to work on a website, it will contain a username comparison that the database finds to be true. What else is required for the bypass to work?

  • A. An unencrypted login page
  • B. The database's comment characters
  • C. Two pipe characters (||)
  • D. The correct password


Answer : B

Which of the following devices would indicate an enforcement boundary?

  • A. An application with a login screen
  • B. A workstation with antivirus
  • C. A router with ACLs
  • D. A switch with VLANs


Answer : C

What is a recommended practice for securing historians and databases whose purpose is to feed data back into the control processes?

  • A. Audit both successful and failed login attempts to databases
  • B. Facilitate auditing by placing historians and databases in the same DMZ
  • C. Use a dedicated domain admin user account to manage databases
  • D. Use reliable network protocols like HTTP for remote management


Answer : B

Which of the following is part of the Respond function of the NIST CSF (cybersecurity framework)?

  • A. Discovering malicious activity on the network using multiple sensors
  • B. Performing forensics analysis on a system and eradicating malware
  • C. Restoring from backup a system that had been compromised
  • D. Limiting user access to only those network resources necessary for them to do their jobs


Answer : B

An attacker writes a program that enters a large number of characters into the password field of a website, followed by a command. The website gave him administrative access, even though he did not use a valid username or password.
What is the name of this attack?

  • A. Man-in-the-Middle
  • B. Buffer overflow
  • C. Cross-site scripting
  • D. Fuzzing


Answer : B

During a plant upgrade, an architect needs to connect legacy IEDs to a new TCP/IP instrumentation LAN. The IEDs only have RS-232 communication interfaces available. What would best be used to connect the IEDs?

  • A. Data diode
  • B. Engineering workstation
  • C. Communications Gateway
  • D. Industrial switch


Answer : C

Which type of process is described below?
The Station A stamping machine receives 250 Kg of rolled stock from Roller Station B, which it stamps into bearings.

  • A. Distributed
  • B. Continuous
  • C. Batch
  • D. Discrete


Answer : D

An administrator relaxes the password policy during disaster recovery operations. What is the result of this action?

  • A. Negative effect on recovery point objective (RPO)
  • B. Positive effect on recovery time objective (RTO)
  • C. Increased risk
  • D. Reduced insurance needs


Answer : C
