CompTIA CySA+ (CS0-001) — Question 150

Which of the following BEST describes why vulnerabilities found in ICS and SCADA can be difficult to remediate?

Answer options

• A. ICS/SCADA systems are not supported by the CVE publications.
• B. ICS/SCADA systems rarely have full security functionality.
• C. ICS/SCADA systems do not allow remote connections.
• D. ICS/SCADA systems use encrypted traffic to communicate between devices.

Correct answer: A

Explanation

The correct answer is A because the lack of support from CVE publications limits the documentation and resources available for identifying and addressing vulnerabilities in ICS and SCADA systems. Options B, C, and D are incorrect as they do not specifically address the root cause of remediation difficulties; while they may describe aspects of ICS/SCADA systems, they do not relate to the availability of vulnerability information.