ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
A car manufacturer is integrating a new Industrial IoT-enabled robotic welding cell that will exchange telemetry with the corporate MES (Manufacturing Execution System) over the plant's Ethernet network. To ensure personnel safety and maintain continuous production even if ransomware compromises office IT systems, which architectural safeguard should be given highest priority during design?
Require multi-factor authentication for all plant visitors before granting physical access to the shop floor.
Implement strict network segmentation that places the robotic cell in a protected control zone with firewalled conduits to the corporate network.
Enable Transport Layer Security (TLS) on the web interface of the human-machine interface (HMI) consoles used by operators.
Deploy endpoint Data Loss Prevention (DLP) agents on engineering workstations connected to the robots.
In industrial control system (ICS) and IIoT environments, loss of availability or manipulation of control traffic can immediately endanger safety and disrupt production. The most effective way to prevent malware that enters the corporate IT network from reaching safety-critical robots is to place the operational technology (OT) components in a protected control zone that is physically and logically segmented from the enterprise (IT) zone. Traffic between zones should traverse well-defined conduits guarded by industrial firewalls and unidirectional gateways, enabling only the minimum required protocols and enforcing strict access controls. While TLS on the HMI, DLP on workstations, or MFA for visitors all add value, none of them alone can stop lateral movement of malware into the control network or guarantee the high availability demanded by industrial welding operations. Proper network segmentation is therefore the paramount architectural control.
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design