ISA-IEC-62443 無料問題集「ISA/IEC 62443 Cybersecurity Fundamentals Specialist」

（A）Review of system logs and other key data files

（B）Significant changes in identified risk round in periodic reassessments

（C）Restricted access to the industrial control system to an as-needed basis

（D）Increase in staff training and security awareness

（A）Patches should be applied based on the organization's risk assessment.

（B）Patches should be applied within one month of availability.

（C）Patches should be applied as soon as they are available.

（D）Patches never should be applied in an IACS environment.

（A）Ensures that users can access systems from remote locations

（B）Ensures that users correctly manage their username and password

（C）Ensures that users can access only certain devices on the network

（D）Ensures that users can access only the functions they need for their job

（A）To describe a process for risk management

（B）To define a security management organization

（C）To define a product development evaluation methodology

（D）To describe what constitutes a secure product

（A）VLAN and VPN

（B）OPC and DCOM

（C）LLC and MAC

（D）HIDS and NIDS

（A）User applications specific to network applications such as reading data registers in a PLC

（B）Data encryption, routing, and end-to-end connectivity

（C）Framing, converting electrical signals to data, and error checking

（D）The electrical and physical specifications of the data connection

（A）All components in a large or complex system should be in the same security zone.

（B）Security zones should contain assets that share common security requirements.

（C）Assets within the same logical communication network should be in the same security zone.

（D）Security zones should align with physical network segments.

（A）62443-3-3

（B）62443-3-2

（C）62443-4-1

（D）62443-1-1

（A）Aligned needs of industrial users

（B）Aligned development process

（C）Well-documented security policies and procedures

（D）Defense-in-depth approach to designing