CompTIA CASP+ (CAS-004) — Question 579

A security engineer is concerned about the threat of side-channel attacks. The company experienced a past attack that degraded parts of a SCADA system, causing a fluctuation to 20,000rpm from its normal operating range. As a result, the part deteriorated more quickly than the mean time to failure. A further investigation revealed the attacker was able to determine the acceptable rpm range, and the malware would then fluctuate the rpm until the part failed. Which of the following solutions would be BEST to prevent a side-channel attack in the future?

Answer options

• A. Installing online hardware sensors
• B. Air gapping important ICS and machines
• C. Implementing a HIDS
• D. Installing a SIEM agent on the endpoint

Correct answer: B

Explanation

Option B is the best choice as air gapping important ICS and machines can significantly reduce the risk of unauthorized access and manipulation, which is crucial in preventing side-channel attacks. The other options, while beneficial for overall security, do not directly address the isolation of critical systems from potential attackers as effectively as air gapping does.