What type of communication protocol does Modbus RTU use?
Answer(s): C
Modbus RTU (Remote Terminal Unit) is a communication protocol based on a master-slave architecture that uses serial communication. It is one of the earliest communication protocols developed for devices connected over serial lines. Modbus RTU packets are transmitted in a binary format over serial lines such as RS-485 or RS-232.
Modbus Organization, "MODBUS over Serial Line Specification and Implementation Guide V1.02".
Which of the ICS/SCADA generations is considered monolithic?
Answer(s): B
The first generation of ICS/SCADA systems is considered monolithic, primarily characterized by standalone systems that had no external communications or connectivity with other systems. These systems were typically fully self-contained, with all components hard-wired together, and operations were managed without any networked interaction.
U.S. Department of Homeland Security, "Recommended Practice: Improving Industrial Control System Cybersecurity with Defense-in-Depth Strategies".
Which of the following components is not part of the Authentication Header (AH)?
The Authentication Header (AH) is a component of the IPsec protocol suite that provides authentication and integrity to the communications. AH ensures that the contents of the communications have not been altered in transit (integrity) and verifies the sending and receiving parties (authentication). However, AH does not provide confidentiality, which would involve encrypting the payload data. Confidentiality is provided by the Encapsulating Security Payload (ESP), another component of IPsec.
RFC 4302, "IP Authentication Header".
How many main score areas are there in the CVSS?2
The Common Vulnerability Scoring System (CVSS) is a framework for rating the severity of security vulnerabilities. CVSS provides three main score areas: Base, Temporal, and Environmental. Base Score evaluates the intrinsic qualities of a vulnerability. Temporal Score reflects the characteristics of a vulnerability that change over time. Environmental Score considers the specific impact of the vulnerability on a particular organization, tailoring the Base and Temporal scores according to the importance of the affected IT asset.
FIRST, "Common Vulnerability Scoring System v3.1: Specification Document".
Which of the following is NOT an exploit tool?
Answer(s): D
Among the options listed, Nessus is primarily a vulnerability assessment tool, not an exploit tool. It is used to scan systems, networks, and applications to identify vulnerabilities but does not exploit them. On the other hand, Canvas, Core Impact, and Metasploit are exploit tools designed to actually perform attacks (safely and legally) to demonstrate the impact of vulnerabilities.
Tenable, Inc., "Nessus FAQs".
Post your Comments and Discuss EC-Council ICS-SCADA exam dumps with other Community members:
Amazon SQS
API Gateway
Lambda
usage plan
AWS WAF
Amazon ECS
Application Load Balancer
AWS Global Accelerator
Network Load Balancer
EC2
Auto Scaling group
CloudFront
ALB
AWS PrivateLink
CRR
SSE-S3
Athena
S3
SSE-KMS
RDS Custom for Oracle
s3:GetObject
Amazon OpenSearch Service
CloudWatch Logs
Kinesis Data Firehose
Kinesis
S3 bucket
SQS
AWS Lambda
AWS Secrets Manager
AWS Systems Manager OpsCenter
secretsmanager:GetSecretValue
seq
for h in {1..254}
for h in $(seq 1 254); do
Kinesis Data Streams
Amazon Redshift
secrets:GetSecretValue
aws:PrincipalOrgID
"aws:PrincipalOrgID": "o-1234567890"
Azure Bot Service
Microsoft.Network/applicationSecurityGroups
Microsoft.Network/bastions
Microsoft.Network
COPY INTO
SELECT
COPY INTO @stage/path/file.csv FROM (SELECT col1, col2 FROM my_table WHERE date >= '2024-01-01') FILE_FORMAT=(TYPE=CSV);
Users
External collaboration settings
zone
subinterfaces