Certified Incident Handler (ECIH) — Question 12

Hayes, a security professional, was tasked with the implementation of security controls for an industrial network at the Purdue level 3.5 (IDMZ). Hayes verified all the possible attack vectors on the IDMZ level and deployed a security control that fortifies the IDMZ against cyber-attacks.
Identify the security control implemented by Hayes in the above scenario.

Answer options

• A. Point-to-point communication
• B. MAC authentication
• C. Anti-DoS solution
• D. Use of authorized RTU and PLC commands

Correct answer: C

Explanation

The correct answer is C, as an Anti-DoS solution is specifically designed to protect against denial-of-service attacks, which are common threats to industrial networks. The other options, while they may provide some level of security, do not specifically address the primary concern of mitigating cyber-attacks aimed at overwhelming the network.