CompTIA SecurityX (CAS-005) — Question 136

Engineers are unable to control pumps at Site A from Site В when the SCADA controller at Site A experiences an outage. A security analyst must provide a secure solution that ensures Site A pumps can be controlled by a SCADA controller at Site В if a similar outage occurs again. Which of the following represents the most cost-effective solution?

Answer options

• A. Procure direct fiber connectivity between Site A and Site В and limit its use to the critical SCADA controller traffic only.
• B. Install backup SCADA controllers at each site, isolate them from the ОТ network, and assign these backup controllers as high-availability pairs.
• C. Isolate the ОТ environment by providing an air-gapped network segment. Place the SCADA controller for each site in this network segment to minimize outages.
• D. Configure VPN concentrators inside the ОТ network segments at Site A and Site В and allow the controllers to act as secondary devices for the other site's pumps across this encrypted tunnel.

Correct answer: D

Explanation

The correct answer, D, is effective because it allows secure remote control of pumps using VPN technology, ensuring minimal disruption during outages. Options A and C do not provide the necessary flexibility for remote control during failures, while option B, although reliable, involves higher costs due to the need for additional hardware.