CAS-003 Question #965: Real Exam Question with Answer & Explanation

The correct answer is A: Network segmentation. The root cause of this incident is that the HVAC vendor's credentials, once compromised, provided direct administrative access to the SCADA network. Network segmentation would place the SCADA/ICS network in an isolated zone with strict access controls, so that even if vendor cred

Question

The credentials of a hospital's HVAC vendor were obtained using credential-harvesting malware through a phishing email. The HVAC vendor has administrative privileges m the SCADA network. Which of the following would prevent this from happening again in the future?

Options

ANetwork segmentation
BVulnerability scanning
CPassword complexity rules
DSecurity patching

Explanation

The root cause of this incident is that the HVAC vendor's credentials, once compromised, provided direct administrative access to the SCADA network. Network segmentation would place the SCADA/ICS network in an isolated zone with strict access controls, so that even if vendor credentials are stolen, the attacker cannot reach the SCADA network from the general corporate network or internet. This is the principle of defense-in-depth for critical infrastructure. Option B (vulnerability scanning) identifies weaknesses but does not prevent credential-based unauthorized access. Option C (password complexity) does not help because the credentials were phished, not brute-forced - stronger passwords are still stolen just as easily. Option D (security patching) addresses software vulnerabilities, not the credential theft or lateral movement vector. Segmentation limits the blast radius of any credential compromise regardless of how it occurs.

Community Discussion

No community discussion yet for this question.

Full CAS-003 Practice