CompTIA PenTest+ (PT0-001) — Question 9

Which of the following BEST describes some significant security weaknesses with an ICS, such as those used in electrical utility facilities, natural gas facilities, dams, and nuclear facilities?

Answer options

• A. ICS vendors are slow to implement adequate security controls.
• B. ICS staff are not adequately trained to perform basic duties.
• C. There is a scarcity of replacement equipment for critical devices.
• D. There is a lack of compliance for ICS facilities.

Correct answer: A

Explanation

The correct answer is A because it highlights the slow pace at which ICS vendors adopt necessary security measures, which is a significant issue. Options B, C, and D, while they may indicate problems, do not specifically address the critical security weaknesses that stem from vendor actions, making A the most relevant choice.