Free Preparation Discussions
MENU
Eccouncil ICS-SCADA Exam Questions
- Topic 1: Introduction to ICS/SCADA Network Defense: This topic covers IT security model, ICS/SCADA security model, security posture, risk management, risk assessment and security policy.
- Topic 2: TCP/IP 101: Its primary focus is on TCP/IP network. This topic covers ICS/SCADA protocols, TCP/IP layering, TCP/IP protocol architecture, RFCs and STDs.
- Topic 3: Introduction to Hacking: It discusses scanning, footprinting, intelligence gathering, hacking methodology, exploitation, covering tracks, and enumeration.
- Topic 4: Vulnerability Management: System vulnerabilities, desktop vulnerabilities, CVE, ICS/SCADA vulnerability sites, ICS/SCADA vulnerability uniqueness, and challenges of vulnerability management within ICS/SCADA are its sub-topics.
- Topic 5: Standards and Regulations for Cybersecurity: It discusses ISO 27001, ICS/SCADA, NERC CIP, CFATS, ISA99, and NIST SP 800-82.
- Topic 6: Securing the ICS Network: This topic delves into physical security, monitoring, legacy machines, ISO roadmap, and vulnerability assessment.
- Topic 7: Bridging the Air Gap: It covers guard, Data diode, and next-generation firewalls.
- Topic 8: Introduction to Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): The topic covers network node, advantages of IDS, and limitations of IDS.
Free Eccouncil ICS-SCADA Exam Actual Questions
Note: Premium Questions for ICS-SCADA were last updated On Jun. 13, 2025 (see below)
Which of the following names represents inbound filtering?
Ingress filtering is a method used in network security to ensure that incoming packets are allowed or blocked based on a set of security rules.
This type of filtering is often implemented at the boundaries of networks to prevent unwanted or harmful traffic from entering a more secure internal network.
The term 'ingress' refers to traffic that is entering a network boundary, whereas 'egress' refers to traffic exiting a network.
Reference
Cisco Networking Academy Program: Network Security.
'Understanding Ingress and Egress Filtering,' Network Security Guidelines, TechNet.
Which of the IEC 62443 Security Levels is identified by a cybercrime/hacker target?
IEC 62443 is an international series of standards on Industrial communication networks and system security, specifically related to Industrial Automation and Control Systems (IACS). Within the IEC 62443 standards, Security Level 3 is defined as protection against deliberate or specialized intrusion. It is designed to safeguard against threats from skilled attackers (cybercriminals or hackers) targeting specific processes or operations within the industrial control system. Reference:
International Electrotechnical Commission, 'IEC 62443 Standards'.
Which of the following are required functions of information management?
Information management within the context of network security involves several critical functions that ensure data is correctly handled for security operations. These functions include:
Normalization: This process standardizes data formats from various sources to a common format, making it easier to analyze systematically.
Correlation: This function identifies relationships between disparate pieces of data, helping to identify patterns or potential security incidents.
Data enrichment: Adds context to the collected data, enhancing the information with additional details, such as threat intelligence.
All these functions are essential to effective information management in security systems, allowing for more accurate monitoring and faster response to potential threats.
Reference
'Data Enrichment and Correlation in SIEM Systems,' Security Information Management Best Practices.
'Normalization Techniques for Security Data,' Journal of Network Security.
The vulnerability that led to the WannaCry ransomware infections affected which protocol?
WannaCry is a ransomware attack that spread rapidly across multiple computer networks in May 2017.
The vulnerability exploited by the WannaCry ransomware was in the Microsoft Windows implementation of the Server Message Block (SMB) protocol.
Specifically, the exploit, known as EternalBlue, targeted a flaw in the SMBv1 protocol. This flaw allowed the ransomware to spread within corporate networks without any user interaction, making it one of the fastest-spreading and most harmful cyberattacks at the time.
Reference
National Vulnerability Database, CVE-2017-0144: https://nvd.nist.gov/vuln/detail/CVE-2017-0144
Which component of the IT Security Model is attacked with masquerade?
A masquerade attack involves an attacker pretending to be an authorized user of a system, thus compromising the authentication component of the IT security model. Authentication ensures that the individuals accessing the system are who they claim to be. By masquerading as a legitimate user, an attacker can bypass this security measure and gain unauthorized access to the system. Reference:
William Stallings, 'Security in Computing'.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Valene
1 months agoSalina
3 months agoAlishia
4 months agoMartha
5 months agoLeonida
5 months agoAlpha
5 months agoJaney
6 months agoBurma
6 months agoMy
6 months agoIluminada
7 months agoRebbecca
7 months agoJules
7 months agoMalinda
7 months agoGerardo
8 months agoFrancoise
8 months agoEulah
9 months agoSanjuana
9 months agoTequila
9 months agoFranchesca
9 months agoHerminia
10 months agoEmerson
11 months agoDorthy
11 months agoJanna
12 months agoTresa
12 months agoCherry
12 months agoCharlesetta
1 years agoKirk
1 years agoJacki
1 years ago