GIAC GICSP - Global Industrial Cyber Security Professional Exam
Page: 2 / 16
Total 78 questions
Question #6 (Topic: Exam A)
What kind of data could be found on a historian?
A. Information needed for billing customers
B. Information for supervising lower-level controllers in real-time
C. Diagrams depicting an overview of the process
D. Runtime libraries that software programs use
Answer: A
Question #7 (Topic: Exam A)
Which of the following can an attacker gain by obtaining PLC logic project files for a SCADA system?
A. Data regarding personnel and hiring practices
B. Details about the network architecture
C. Information about operational firewall rulesets
D. Schedule of vendor product releases
Answer: B
Question #8 (Topic: Exam A)
Which control helps prevent threats to Integrity?
A. Firewall egress filtering
B. Logging IDS alerts
C. Centralized LDAP authentication
D. Implementing digital signatures
Answer: D
Question #9 (Topic: Exam A)
What mechanism could help defeat an attacker's attempt to hide evidence of his/her actions on the target system?
A. Attack surface analysis
B. Application allow lists
C. Sandboxing
D. Centralized logging
Answer: D
Question #10 (Topic: Exam A)
An attacker has a goal of obtaining information stored in an ICS. Why might the attacker focus his efforts on the operating system rather than the ICS application?
A. Organizations generally do not define a role or responsibility for dealing with operating systems, leaving them neglected and vulnerable
B. The operating system will have fewer vulnerabilities than the ICS application
C. The ICS is more likely to have vendor-provided security hardening guidance than the operating system will
D. Control of the operating system offers access to applications running on it
Answer: D
