Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. EC-Council
  3. ICS-SCADA

EC-Council ICS-SCADA Exam (page: 3)
EC-Council ICS/SCADA Cyber Security
Updated on: 25-Dec-2025

Viewing Page 3 of 16
ICS-SCADA PDF 75 Questions

In what default directory (fully qualified path) does nmap store scripts?

  1. /usr/share/scripts
  2. /ust/share/nmap/scripts
  3. /usr/share/nmap
  4. /opt

Answer(s): C

Explanation:

Nmap (Network Mapper) is a network scanning and security auditing tool. Scripts used by Nmap for performing different network discovery and security auditing tasks are stored in /usr/share/nmap/scripts. This directory contains a collection of scripts for NSE (Nmap Scripting Engine), which enables Nmap to perform additional networking tasks, often used for detecting vulnerabilities, misconfigurations, and security-related information about network services.


Reference:

Nmap documentation, "Nmap Scripting Engine (NSE)".



Which of the registrars contains the information for the domain owners in South America?

  1. AFRINIC
  2. ARIN
  3. LACNIC
  4. RIPENCC

Answer(s): C

Explanation:

LACNIC (Latin American and Caribbean Network Information Centre) is the regional Internet registry for Latin America and parts of the Caribbean. It manages the allocation and registration of Internet number resources (such as IP addresses and AS numbers) within this region and maintains the registry of domain owners in South America.


Reference:

LACNIC official website, "About LACNIC".



Which of the hacking methodology steps can be used to identify the applications and vendors used?

  1. Enumeration
  2. OSINT
  3. Scanning
  4. Surveillance

Answer(s): B

Explanation:

OSINT (Open Source Intelligence) refers to the collection and analysis of information gathered from public, freely available sources to be used in an intelligence context. In the context of hacking methodologies, OSINT can be used to identify applications and vendors employed by a target organization by analyzing publicly available data such as websites, code repositories, social media, and other internet-facing resources.


Reference:

Michael Bazzell, "Open Source Intelligence Techniques".



Which of the following is a component of an IDS?

  1. All of these
  2. Respond
  3. Detect
  4. Monitor

Answer(s): A

Explanation:

An Intrusion Detection System (IDS) is designed to monitor network or system activities for malicious activities or policy violations and can perform several functions:
Monitor: Observing network traffic and system activities for unusual or suspicious behavior. Detect: Identifying potential security breaches including both known threats and unusual activities that could indicate new threats.
Respond: Executing pre-defined actions to address detected threats, which can include alerts or triggering automatic countermeasures.


Reference:

Cisco Systems, "Intrusion Detection Systems".



Which of the IEC 62443 Security Levels is identified by a cybercrime/hacker target?

  1. 4
  2. 3
  3. 1
  4. 2

Answer(s): B

Explanation:

IEC 62443 is an international series of standards on Industrial communication networks and system security, specifically related to Industrial Automation and Control Systems (IACS). Within the IEC 62443 standards, Security Level 3 is defined as protection against deliberate or specialized intrusion. It is designed to safeguard against threats from skilled attackers (cybercriminals or hackers) targeting specific processes or operations within the industrial control system.


Reference:

International Electrotechnical Commission, "IEC 62443 Standards".



Viewing Page 3 of 16



Share your comments for EC-Council ICS-SCADA exam with other users:

Bhavya 9/12/2023 7:18:00 AM

help to practice csa exam
Anonymous


Malik 9/28/2023 1:09:00 PM

nice tip and well documented
Anonymous


rodrigo 6/22/2023 7:55:00 AM

i need the exam
Anonymous


Dan 6/29/2023 1:53:00 PM

please upload
Anonymous


Ale M 11/22/2023 6:38:00 PM

prepping for fsc exam
AUSTRALIA


ahmad hassan 9/6/2023 3:26:00 AM

pd1 with great experience
Anonymous


Žarko 9/5/2023 3:35:00 AM

@t it seems like azure service bus message quesues could be the best solution
UNITED KINGDOM


Shiji 10/15/2023 1:08:00 PM

helpful to check your understanding.
INDIA


Da Costa 8/27/2023 11:43:00 AM

question 128 the answer should be static not auto
Anonymous


bot 7/26/2023 6:45:00 PM

more comments here
UNITED STATES


Kaleemullah 12/31/2023 1:35:00 AM

great support to appear for exams
Anonymous


Bsmaind 8/20/2023 9:26:00 AM

useful dumps
Anonymous


Blessious Phiri 8/13/2023 8:37:00 AM

making progress
Anonymous


Nabla 9/17/2023 10:20:00 AM

q31 answer should be d i think
FRANCE


vladputin 7/20/2023 5:00:00 AM

is this real?
UNITED STATES


Nick W 9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it
Anonymous


Naveed 8/28/2023 2:48:00 AM

good questions with simple explanation
UNITED STATES


cert 9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s
Anonymous


Yves 8/29/2023 8:46:00 PM

very inciting
Anonymous


Miguel 10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;
SPAIN


Byset 9/25/2023 12:49:00 AM

it look like real one
Anonymous


Debabrata Das 8/28/2023 8:42:00 AM

i am taking oracle fcc certification test next two days, pls share question dumps
Anonymous


nITA KALE 8/22/2023 1:57:00 AM

i need dumps
Anonymous


CV 9/9/2023 1:54:00 PM

its time to comptia sec+
GREECE


SkepticReader 8/1/2023 8:51:00 AM

question 35 has an answer for a different question. i believe the answer is "a" because it shut off the firewall. "0" in registry data means that its false (aka off).
UNITED STATES


Nabin 10/16/2023 4:58:00 AM

helpful content
MALAYSIA


Blessious Phiri 8/15/2023 3:19:00 PM

oracle 19c is complex db
Anonymous


Sreenivas 10/24/2023 12:59:00 AM

helpful for practice
Anonymous


Liz 9/11/2022 11:27:00 PM

support team is fast and deeply knowledgeable. i appreciate that a lot.
UNITED STATES


Namrata 7/15/2023 2:22:00 AM

helpful questions
Anonymous


lipsa 11/8/2023 12:54:00 PM

thanks for question
Anonymous


Eli 6/18/2023 11:27:00 PM

the software is provided for free so this is a big change. all other sites are charging for that. also that fucking examtopic site that says free is not free at all. you are hit with a pay-wall.
EUROPEAN UNION


open2exam 10/29/2023 1:14:00 PM

i need exam questions nca 6.5 any help please ?
Anonymous


Gerald 9/11/2023 12:22:00 PM

just took the comptia cybersecurity analyst (cysa+) - wished id seeing this before my exam
UNITED STATES