CAS-005 Question #392: Real Exam Question with Answer & Explanation

Question

SIMULATION An incident occurred at Site A when an attacker successfully caused water pressure to increase in the pump room. The organization is concerned about reoccurrence of this attack and that similar attacks might be successful on other cyber-physical systems within the network. All devices and components reside on a flat network within the 10.1.0.0/16 space. INSTRUCTIONS Take the appropriate actions to reduce the risk of reoccurrence of this and other environmental security vulnerabilities. Select the component(s) at Sites A and B that have environmental impact potential. Then, select the corrective action that will best reduce the risk of incident reoccurrence. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Answer: At Site A: SCADA master controller - Controls and monitors physical processes. PLC (both) - Programmable Logic Controllers directly interface with pumps/valves. Pumps - Direct environmental impact (increased water pressure in incident). At Site B: PLC - As above, interfaces with physical systems. Pumps - As above, environmental impact through pressure, flow, etc. Corrective Action - Isolate from the network The devices reside on a flat network, increasing risk. Isolation (e.g., segmentation or VLANs) limits lateral movement and access to critical cyber-physical systems (CPS) like PLCs and pumps.

Options

• taskTake the appropriate actions to reduce the risk of reoccurrence of this and other environmental security vulnerabilities.
• prerequisitesCommand-line access with sudo privileges