Q.1 Which layer of the OSI model is primarily responsible for ensuring secure data transmission in a smart grid communication network?
Application
Transport
Network
Data Link
Explanation - The Transport layer (Layer 4) handles end-to-end communication and includes protocols like TLS/SSL that provide encryption and authentication.
Correct answer is: Transport
Q.2 What does the IEC 61850 standard primarily address in smart grid systems?
Power quality monitoring
Communication protocols for substations
Physical security of grid hardware
Environmental impact assessment
Explanation - IEC 61850 defines communication protocols and data models specifically for substation automation and communication.
Correct answer is: Communication protocols for substations
Q.3 Which type of attack involves injecting false data into SCADA measurements to influence grid operations?
Replay attack
Man-in-the-middle attack
False data injection attack
Denial-of-service attack
Explanation - A false data injection attack manipulates SCADA data to mislead control decisions, potentially causing operational hazards.
Correct answer is: False data injection attack
Q.4 What is the main purpose of a Demilitarized Zone (DMZ) in a smart grid network?
To store backup data
To isolate critical control servers from the internet
To provide high-speed connectivity
To monitor power consumption
Explanation - A DMZ places non-critical services between the internet and internal network, protecting critical control servers from direct exposure.
Correct answer is: To isolate critical control servers from the internet
Q.5 Which encryption standard is most commonly used for securing IEC 61850 communication?
AES-128
DES
RC4
3DES
Explanation - AES-128 is widely adopted for its balance of security and performance in IEC 61850 systems.
Correct answer is: AES-128
Q.6 What does the term 'Redundancy' refer to in the context of smart grid cybersecurity?
Using multiple communication channels for backup
Deploying duplicate software versions
Adding extra hardware to fail-safe operations
Duplicating user accounts for redundancy
Explanation - Redundancy ensures that if one channel fails, another can maintain communication, enhancing reliability and resilience.
Correct answer is: Using multiple communication channels for backup
Q.7 Which protocol is used to securely authenticate devices in a smart grid environment?
OAuth 2.0
TLS 1.3
Kerberos
SNMP
Explanation - Kerberos provides mutual authentication between devices, which is critical for secure grid operations.
Correct answer is: Kerberos
Q.8 What is the main goal of implementing a Zero Trust architecture in smart grid networks?
To allow all traffic by default
To verify every access request regardless of source
To eliminate encryption
To simplify network topologies
Explanation - Zero Trust treats all network traffic as potentially hostile, requiring continuous authentication and validation.
Correct answer is: To verify every access request regardless of source
Q.9 Which of the following is NOT a typical cybersecurity threat to smart grid systems?
Phishing attacks
Insider threats
Physical tampering
Software licensing
Explanation - Software licensing is a business issue, not a direct cybersecurity threat to grid operations.
Correct answer is: Software licensing
Q.10 Which method is used to protect SCADA command messages from being tampered with in transit?
Hash functions
Digital signatures
Compression
Load balancing
Explanation - Digital signatures ensure message integrity and authenticity, preventing tampering.
Correct answer is: Digital signatures
Q.11 What does the term 'Man-in-the-Middle' (MITM) attack describe?
An attacker physically stealing hardware
An attacker intercepting and possibly altering communications between two parties
An attacker flooding the network with traffic
An attacker disabling power lines
Explanation - MITM attacks involve eavesdropping or modifying data as it passes between legitimate users.
Correct answer is: An attacker intercepting and possibly altering communications between two parties
Q.12 Which type of firewall is most suitable for inspecting encrypted traffic in a smart grid?
Stateless firewall
Next-Generation Firewall (NGFW)
Proxy firewall
Packet-filtering firewall
Explanation - NGFWs can inspect and apply policies to encrypted traffic, often using SSL/TLS inspection features.
Correct answer is: Next-Generation Firewall (NGFW)
Q.13 Which attack vector exploits the lack of authentication in Modbus communication?
Brute force
Replay
Physical tampering
Unauthorized access
Explanation - Modbus lacks built-in authentication, enabling attackers to send unauthorized commands if they can communicate over the network.
Correct answer is: Unauthorized access
Q.14 What is the purpose of a Security Information and Event Management (SIEM) system in smart grids?
To control power flow
To store customer data
To collect and analyze security logs for threat detection
To replace SCADA
Explanation - SIEM aggregates logs from various devices to detect and respond to security incidents.
Correct answer is: To collect and analyze security logs for threat detection
Q.15 Which encryption mode is recommended for securing MQTT communications in IoT-based smart grid devices?
ECB
CBC
GCM
CTR
Explanation - GCM (Galois/Counter Mode) provides both confidentiality and integrity in a single mode, suitable for resource-constrained devices.
Correct answer is: GCM
Q.16 Which of the following best describes a Distributed Denial-of-Service (DDoS) attack on a smart grid?
A single machine sending large amounts of traffic
Multiple compromised devices flooding network resources
Physical destruction of substations
Unauthorized software installation
Explanation - DDoS uses many sources to overwhelm network capacity, making services unavailable.
Correct answer is: Multiple compromised devices flooding network resources
Q.17 What is the function of a Public Key Infrastructure (PKI) in smart grid communications?
To store power usage data
To manage encryption keys and digital certificates
To balance load on the grid
To schedule maintenance
Explanation - PKI issues, revokes, and verifies certificates that secure device communications.
Correct answer is: To manage encryption keys and digital certificates
Q.18 Which security control is most effective against phishing attacks targeting grid operators?
Physical security of data centers
User training and awareness
Network segmentation
Power redundancy
Explanation - Phishing relies on human error; training reduces the likelihood of falling victim.
Correct answer is: User training and awareness
Q.19 In the context of smart grids, what does 'anomaly detection' refer to?
Detecting abnormal weather patterns
Identifying unusual communication patterns indicating possible security incidents
Monitoring equipment wear and tear
Forecasting energy demand
Explanation - Anomaly detection systems flag deviations from normal traffic that may signal attacks.
Correct answer is: Identifying unusual communication patterns indicating possible security incidents
Q.20 Which of the following is a primary reason for segmenting a smart grid network into separate zones?
To increase bandwidth
To improve fault tolerance
To isolate sensitive systems from general traffic
To reduce physical cabling
Explanation - Segmentation limits the spread of attacks and protects critical assets.
Correct answer is: To isolate sensitive systems from general traffic
Q.21 What is the main security benefit of using a two-factor authentication (2FA) system for grid operator access?
Reduces login time
Eliminates the need for passwords
Adds an additional verification step, reducing credential compromise risk
Speeds up network throughput
Explanation - 2FA requires something you know and something you have, making unauthorized access harder.
Correct answer is: Adds an additional verification step, reducing credential compromise risk
Q.22 Which type of sensor is typically used to detect tampering with physical grid assets?
Temperature sensor
Motion sensor
Tamper-evident seal
Pressure sensor
Explanation - Tamper seals break when physical access is attempted, alerting operators to potential intrusion.
Correct answer is: Tamper-evident seal
Q.23 Which of the following best describes 'network hardening' in smart grid security?
Adding more network devices
Strengthening network devices against attacks by disabling unnecessary services
Increasing network speed
Reducing physical cabling
Explanation - Hardening removes attack vectors by limiting exposed functionalities.
Correct answer is: Strengthening network devices against attacks by disabling unnecessary services
Q.24 Which encryption algorithm is considered a legacy algorithm and should be avoided in modern smart grid deployments?
AES
RSA
DES
ECC
Explanation - DES is vulnerable to brute‑force attacks and is no longer recommended for secure communications.
Correct answer is: DES
Q.25 Which of the following is NOT a typical component of a smart grid threat model?
Adversary goals
Asset inventory
Power plant fuel type
Vulnerability assessment
Explanation - Threat models focus on cyber aspects, not physical fuel characteristics.
Correct answer is: Power plant fuel type
Q.26 What does 'confidentiality' in cybersecurity ensure within smart grid communications?
Only authorized entities can see the data
Data is always available
Data is correct
Data is stored permanently
Explanation - Confidentiality protects data from unauthorized disclosure.
Correct answer is: Only authorized entities can see the data
Q.27 Which of the following is a key characteristic of a 'critical infrastructure' cybersecurity framework?
Focuses solely on financial security
Incorporates public awareness campaigns
Provides guidelines for risk-based protection
Limits access to power generation only
Explanation - Critical infrastructure frameworks emphasize protecting essential services through risk assessment.
Correct answer is: Provides guidelines for risk-based protection
Q.28 Which protocol is commonly used for secure remote configuration of smart grid devices?
HTTP
SSH
Telnet
SNMPv1
Explanation - SSH provides encrypted remote access and is widely adopted for device configuration.
Correct answer is: SSH
Q.29 Which type of attack targets the integrity of power system measurements?
Data breach
False data injection
Physical sabotage
Eavesdropping
Explanation - False data injection attacks alter measurement data, compromising grid decisions.
Correct answer is: False data injection
Q.30 Which of the following is an example of an 'asset' in a smart grid cybersecurity context?
Smart meter firmware
Customer bill
Weather forecast
Solar panel orientation
Explanation - Assets are components that require protection, like device firmware that can be exploited.
Correct answer is: Smart meter firmware
Q.31 What does 'patch management' involve in smart grid cybersecurity?
Applying firmware and software updates to fix vulnerabilities
Removing old cables
Replacing damaged transformers
Installing new sensors
Explanation - Patch management updates systems to mitigate known security flaws.
Correct answer is: Applying firmware and software updates to fix vulnerabilities
Q.32 Which of the following is a primary feature of the Zigbee protocol used in some smart grid applications?
High bandwidth
Low power consumption
Fixed topology
No encryption
Explanation - Zigbee is designed for low-power, low-data-rate applications like sensor networks.
Correct answer is: Low power consumption
Q.33 What is the role of a 'security zone' in a smart grid network architecture?
To allocate bandwidth for each device
To logically separate network segments based on security requirements
To provide internet access
To store customer data
Explanation - Security zones enforce policy boundaries, limiting potential attack reach.
Correct answer is: To logically separate network segments based on security requirements
Q.34 Which type of malware is specifically designed to disrupt the operations of a smart grid?
Adware
Spyware
Wiper
Rootkit
Explanation - Wipers erase or corrupt critical data, potentially crippling grid control systems.
Correct answer is: Wiper
Q.35 Which of the following best defines 'cyber hygiene' in the context of smart grids?
Regularly cleaning the physical grid equipment
Ensuring data backups are stored offline
Maintaining secure configurations and regularly updating systems
Applying sunscreen to solar panels
Explanation - Cyber hygiene involves best practices to reduce vulnerability.
Correct answer is: Maintaining secure configurations and regularly updating systems
Q.36 What is a 'honeypot' used for in cybersecurity?
To store backups of critical data
To attract attackers and study their tactics
To increase network throughput
To detect power theft
Explanation - Honeypots mimic legitimate systems, providing insight into attacker behavior.
Correct answer is: To attract attackers and study their tactics
Q.37 Which of the following is an example of a 'physical attack' on smart grid infrastructure?
Phishing emails
Insider data theft
Cutting transmission lines
SQL injection
Explanation - Physical attacks directly damage hardware, disrupting grid operations.
Correct answer is: Cutting transmission lines
Q.38 Which key management strategy ensures that compromised keys can be revoked quickly?
Static key usage
Dynamic key generation
Key escrow
Public key revocation lists (CRLs)
Explanation - CRLs list revoked certificates, allowing rapid invalidation of compromised keys.
Correct answer is: Public key revocation lists (CRLs)
Q.39 In the context of smart grids, what does the term 'intrusion detection system' (IDS) do?
Detects power outages
Monitors and alerts on suspicious network activity
Predicts load demand
Balances the load
Explanation - IDS monitors traffic and logs for potential security incidents.
Correct answer is: Monitors and alerts on suspicious network activity
Q.40 Which type of authentication factor is considered 'something you have'?
Password
Fingerprint
Smart card
Security question
Explanation - Smart cards are physical tokens that authenticate users.
Correct answer is: Smart card
Q.41 What is the primary purpose of using a 'certificate authority' (CA) in smart grid communications?
To manage user passwords
To issue and verify digital certificates for device identity
To monitor power flow
To store logs
Explanation - A CA validates device identities through certificates, enabling trust.
Correct answer is: To issue and verify digital certificates for device identity
Q.42 Which vulnerability is most commonly exploited by attackers to gain initial access to SCADA systems?
Buffer overflow
Weak passwords
Physical tampering
Unpatched firmware
Explanation - Weak passwords are an easy entry point for credential-based attacks.
Correct answer is: Weak passwords
Q.43 What does 'data integrity' guarantee in smart grid cybersecurity?
Data is always available
Data cannot be altered without detection
Data is encrypted
Data is stored for long periods
Explanation - Integrity ensures that data remains trustworthy and unchanged.
Correct answer is: Data cannot be altered without detection
Q.44 Which of the following is NOT a characteristic of a 'resilient' smart grid system?
Fast recovery from disturbances
Redundancy in critical components
High vulnerability to attacks
Robust fault detection mechanisms
Explanation - Resilience seeks to minimize vulnerability, not increase it.
Correct answer is: High vulnerability to attacks
Q.45 Which security principle is violated when an attacker can read sensitive data without permission?
Confidentiality
Integrity
Availability
Non-repudiation
Explanation - Confidentiality protects data from unauthorized disclosure.
Correct answer is: Confidentiality
Q.46 What does 'network segmentation' aim to achieve in a smart grid context?
Increase the speed of power transmission
Limit the spread of cyber attacks to a single zone
Reduce physical cabling costs
Improve power quality
Explanation - Segmentation contains attacks within a defined area, protecting critical assets.
Correct answer is: Limit the spread of cyber attacks to a single zone
Q.47 Which of the following best describes a 'Zero-Day' vulnerability?
A vulnerability known to vendors but not exploited
A vulnerability that has a known patch
A vulnerability that has been patched for years
A vulnerability with no public exploit
Explanation - Zero-Day refers to a flaw that is known but unpatched, exposing systems to exploitation.
Correct answer is: A vulnerability that has a known patch
Q.48 In smart grid cybersecurity, what is a 'security incident response plan' (SIRP)?
A guide for power distribution
A detailed protocol for reacting to security breaches
A maintenance schedule for transformers
A billing adjustment policy
Explanation - SIRP outlines procedures to mitigate, contain, and recover from incidents.
Correct answer is: A detailed protocol for reacting to security breaches
Q.49 Which type of cryptographic algorithm is considered 'symmetric'?
RSA
AES
ECC
Diffie–Hellman
Explanation - AES uses the same key for encryption and decryption, characteristic of symmetric algorithms.
Correct answer is: AES
Q.50 What does the 'non-repudiation' principle ensure in smart grid transactions?
Messages cannot be altered
Senders cannot deny their actions
Messages are always available
Data is encrypted
Explanation - Non-repudiation prevents users from falsely claiming they did not perform an action.
Correct answer is: Senders cannot deny their actions
Q.51 Which device is typically responsible for monitoring and controlling grid voltage?
Smart meter
Voltage regulator
Phasor measurement unit (PMU)
Power factor correction unit
Explanation - Voltage regulators adjust voltage levels to maintain grid stability.
Correct answer is: Voltage regulator
Q.52 Which of the following is a common method attackers use to compromise smart grid devices?
SQL injection
Cross-site scripting (XSS)
Unpatched firmware vulnerabilities
Buffer overflow in mobile apps
Explanation - Firmware vulnerabilities allow attackers to gain control of embedded devices.
Correct answer is: Unpatched firmware vulnerabilities
Q.53 Which of the following is a core feature of a 'Secure Sockets Layer (SSL)' connection?
Data compression
Data encryption
Increased bandwidth
Physical layer isolation
Explanation - SSL/TLS encrypts data to protect it during transmission.
Correct answer is: Data encryption
Q.54 Which of the following is a best practice for securing remote access to SCADA systems?
Use public Wi-Fi networks
Disable VPNs
Enable multi-factor authentication
Allow all IP addresses
Explanation - MFA adds extra verification, reducing the risk of unauthorized remote access.
Correct answer is: Enable multi-factor authentication
Q.55 In smart grid communications, what is 'data masking' used for?
To hide sensitive data in logs
To increase data size
To improve signal quality
To replace encryption
Explanation - Data masking protects sensitive information by obscuring it in records or logs.
Correct answer is: To hide sensitive data in logs
Q.56 Which of the following best describes 'device hardening'?
Adding more sensors
Removing unnecessary services and features
Increasing firmware size
Installing more software
Explanation - Hardening reduces the attack surface by disabling unused functions.
Correct answer is: Removing unnecessary services and features
Q.57 Which type of attack attempts to exhaust network resources by sending a flood of traffic?
Man-in-the-Middle
Phishing
Denial of Service (DoS)
SQL Injection
Explanation - DoS floods the target with traffic, rendering it unavailable.
Correct answer is: Denial of Service (DoS)
Q.58 In a smart grid, what does 'grid cyber‑physical integration' refer to?
Combining hardware and software to manage power flow
Installing physical barriers around substations
Adding cybersecurity to physical devices only
Separating cyber and physical components
Explanation - Cyber‑physical integration links digital controls with physical power systems.
Correct answer is: Combining hardware and software to manage power flow
Q.59 What is the main purpose of an Intrusion Prevention System (IPS) in a smart grid?
To store logs
To actively block malicious traffic
To balance loads
To monitor weather
Explanation - IPS detects and stops attacks in real time, protecting the network.
Correct answer is: To actively block malicious traffic
Q.60 Which of the following is an example of a 'critical asset' in a smart grid?
Solar panel cleaning crew
Grid management software
Customer billing database
Electric vehicle charging station
Explanation - Grid management software controls essential operations and is vital to grid security.
Correct answer is: Grid management software
Q.61 What does 'device authentication' verify?
Device's power output
Device's IP address
Device's identity to the network
Device's physical location
Explanation - Device authentication ensures that only trusted devices join the network.
Correct answer is: Device's identity to the network
Q.62 Which of the following is an example of a 'physical intrusion' threat to smart grid infrastructure?
SQL injection
Vulnerability exploitation
Cable cutting
Password sniffing
Explanation - Physical intrusion refers to direct damage or tampering with hardware.
Correct answer is: Cable cutting
Q.63 Which encryption mode provides both confidentiality and integrity in a single operation?
CBC
GCM
ECB
CFB
Explanation - Galois/Counter Mode (GCM) offers authenticated encryption.
Correct answer is: GCM
Q.64 In smart grid communications, what is the function of a 'relay' in a network?
To amplify signals
To switch network paths
To store data
To generate power
Explanation - Relays direct traffic between network segments, often used for routing or fault isolation.
Correct answer is: To switch network paths
Q.65 Which of the following best defines the concept of 'least privilege'?
Give users maximum rights
Give users minimal necessary permissions
Remove all user permissions
Grant admin rights to all
Explanation - Least privilege limits access to reduce potential damage from compromise.
Correct answer is: Give users minimal necessary permissions
Q.66 Which protocol is commonly used for secure remote administration of industrial devices?
Telnet
SSH
HTTP
SMTP
Explanation - SSH provides encrypted remote shell access, preferred over insecure Telnet.
Correct answer is: SSH
Q.67 What does the term 'confidentiality' in cybersecurity refer to?
Ensuring data is available
Ensuring data is protected from unauthorized access
Ensuring data is accurate
Ensuring data is stored for a long time
Explanation - Confidentiality prevents unauthorized disclosure of information.
Correct answer is: Ensuring data is protected from unauthorized access
Q.68 Which of the following is a potential consequence of a successful false data injection attack on a smart grid?
Improved power quality
Reduced maintenance costs
Unnecessary load shedding or generation adjustments
Higher energy prices for consumers
Explanation - Incorrect data can lead to wrong control actions, disrupting grid operations.
Correct answer is: Unnecessary load shedding or generation adjustments
Q.69 Which device typically monitors voltage and frequency in real time for grid stability?
Smart meter
Phasor measurement unit (PMU)
Thermostat
Battery storage
Explanation - PMUs provide high‑resolution, synchronized measurements of power system phasors.
Correct answer is: Phasor measurement unit (PMU)
Q.70 Which type of cyber attack involves an attacker inserting malicious commands into a legitimate data stream?
Replay attack
Command injection
Phishing
Privilege escalation
Explanation - Command injection exploits unfiltered inputs, allowing attackers to send harmful commands.
Correct answer is: Command injection
Q.71 Which of the following is a key benefit of using secure boot in smart grid devices?
Fast startup times
Ensuring firmware integrity at boot
Reducing power consumption
Increasing storage capacity
Explanation - Secure boot verifies firmware signatures, preventing tampered firmware from running.
Correct answer is: Ensuring firmware integrity at boot
Q.72 What is the primary function of a 'firewall' in a smart grid network?
Encrypt data packets
Filter traffic based on rules
Store logs
Balance loads
Explanation - Firewalls control network traffic according to security policies.
Correct answer is: Filter traffic based on rules
Q.73 Which of the following best describes a 'security baseline'?
A minimum set of security controls and configurations
A backup of security software
A list of all employees
A physical barrier around the grid
Explanation - A baseline provides a starting point for secure system deployment.
Correct answer is: A minimum set of security controls and configurations
Q.74 Which of the following is a common method for securing SCADA communications over IP networks?
Using clear‑text protocols
Applying TLS/SSL
Disabling encryption
Using only local networks
Explanation - TLS/SSL encrypts SCADA traffic, protecting against eavesdropping and tampering.
Correct answer is: Applying TLS/SSL
Q.75 Which of the following is a typical indicator of a cyber intrusion on a smart grid system?
Higher-than-expected energy usage
Unexpected changes in device firmware versions
Unusually bright lighting in control rooms
Increased number of customers
Explanation - Unauthorized firmware changes may signal malicious compromise.
Correct answer is: Unexpected changes in device firmware versions
Q.76 What is the main purpose of 'anomaly-based intrusion detection' in smart grids?
To detect known signatures only
To detect unusual patterns that may indicate new attacks
To replace firewalls
To monitor power usage only
Explanation - Anomaly detection looks for deviations from normal behavior, useful for unknown threats.
Correct answer is: To detect unusual patterns that may indicate new attacks
Q.77 Which of the following is an example of 'physical security' for smart grid infrastructure?
Implementing firewalls
Installing CCTV cameras at substations
Using strong passwords
Encrypting data packets
Explanation - Physical security measures protect hardware from unauthorized physical access.
Correct answer is: Installing CCTV cameras at substations
Q.78 Which type of encryption key is typically longer than 2048 bits in a smart grid context?
Symmetric key
Asymmetric key
Hash key
Random key
Explanation - Public-key (asymmetric) keys often exceed 2048 bits for strong security.
Correct answer is: Asymmetric key
Q.79 Which of the following is NOT a common method used in securing communication between a smart meter and utility server?
TLS/SSL
MAC addresses
Public key certificates
Two-factor authentication
Explanation - MAC addresses identify hardware but provide no encryption or authentication.
Correct answer is: MAC addresses
Q.80 What does the 'principle of defense in depth' advocate?
Using a single strong firewall
Layering multiple security controls at different points
Relying only on physical security
Providing unlimited access to all devices
Explanation - Defense in depth applies multiple layers to protect against diverse threats.
Correct answer is: Layering multiple security controls at different points
Q.81 Which of the following best describes a 'smart meter' in a smart grid?
A device that measures voltage only
A device that records real-time energy consumption
A device that replaces transformers
A device that monitors weather
Explanation - Smart meters provide detailed usage data, enabling dynamic pricing and demand response.
Correct answer is: A device that records real-time energy consumption
Q.82 What does the 'Integrity' property of cybersecurity aim to protect?
Availability of data
Confidentiality of data
Ensuring data is not altered
Speed of data transmission
Explanation - Integrity ensures that data remains accurate and unmodified.
Correct answer is: Ensuring data is not altered
Q.83 Which of the following is a common symptom of a Denial of Service attack on a SCADA system?
Rapidly decreasing voltage
Increased network latency and unresponsiveness
Sudden temperature rise in transformers
Reduced customer complaints
Explanation - DoS floods traffic, causing delays and loss of responsiveness.
Correct answer is: Increased network latency and unresponsiveness
Q.84 What is the purpose of 'two-factor authentication' in securing SCADA login?
To provide backup passwords
To add a second layer of verification
To allow faster login
To disable passwords
Explanation - 2FA reduces risk of credential compromise by requiring additional proof.
Correct answer is: To add a second layer of verification
Q.85 Which type of vulnerability allows an attacker to read sensitive data from memory while it is in use?
Buffer overflow
Side‑channel attack
SQL injection
Cross‑site scripting
Explanation - Side‑channel attacks exploit physical characteristics (e.g., timing, power) to infer data.
Correct answer is: Side‑channel attack
Q.86 Which of the following is a best practice for protecting SCADA devices from unauthorized firmware updates?
Allow updates from any source
Use signed firmware images only
Disable all firmware updates
Update firmware daily
Explanation - Signed firmware ensures authenticity and integrity of updates.
Correct answer is: Use signed firmware images only
Q.87 What does 'cyber‑physical security' primarily focus on in smart grid systems?
Only protecting data in transit
Securing the interaction between cyber controls and physical hardware
Preventing physical damage only
Enhancing network throughput
Explanation - Cyber‑physical security addresses threats that combine software vulnerabilities with hardware impacts.
Correct answer is: Securing the interaction between cyber controls and physical hardware
Q.88 Which of the following is a characteristic of a 'secure boot' mechanism?
Boots any firmware
Verifies cryptographic signatures before booting
Increases boot time
Disables power management
Explanation - Secure boot checks signatures to ensure only authorized firmware runs.
Correct answer is: Verifies cryptographic signatures before booting
Q.89 What is the primary advantage of using a 'public key infrastructure' (PKI) in smart grids?
Simplifies password management
Facilitates secure key distribution and authentication
Increases power output
Reduces network cabling
Explanation - PKI manages certificates that authenticate devices and secure communications.
Correct answer is: Facilitates secure key distribution and authentication
Q.90 Which of the following best describes a 'zero‑trust' model?
All traffic is trusted by default
Every access is verified regardless of source
Only internal traffic is allowed
No authentication required
Explanation - Zero trust treats every request as potentially malicious.
Correct answer is: Every access is verified regardless of source
Q.91 In smart grid cybersecurity, what does 'asset classification' involve?
Determining the age of hardware
Categorizing devices by criticality and risk level
Labeling devices with colors
Assigning firmware versions
Explanation - Classification informs security priorities and resource allocation.
Correct answer is: Categorizing devices by criticality and risk level
Q.92 Which of the following is NOT a typical function of a 'Intrusion Detection System (IDS)'?
Monitoring network traffic
Alerting on suspicious activity
Blocking all traffic
Recording logs for forensic analysis
Explanation - IDS detects and alerts but does not block traffic; that is the role of an IPS.
Correct answer is: Blocking all traffic
Q.93 Which protocol is commonly used for secure remote monitoring of smart grid equipment over the Internet?
Telnet
HTTPS
SMTP
SNMPv1
Explanation - HTTPS encrypts HTTP traffic, providing secure remote monitoring.
Correct answer is: HTTPS
Q.94 What does 'key rotation' help prevent in smart grid cybersecurity?
Hardware failures
Physical attacks
Key compromise and prolonged exposure
Increased energy consumption
Explanation - Regularly changing keys limits the time a compromised key can be used.
Correct answer is: Key compromise and prolonged exposure
Q.95 Which of the following is a typical attack vector targeting SCADA protocols?
SQL injection
Buffer overflow
Cross‑site scripting
Phishing
Explanation - SCADA protocols often run on embedded systems vulnerable to buffer overflows.
Correct answer is: Buffer overflow
Q.96 What is the primary purpose of 'data obfuscation' in smart grid communications?
To slow down traffic
To hide sensitive information
To increase power output
To compress data
Explanation - Obfuscation disguises data to protect it from unauthorized viewers.
Correct answer is: To hide sensitive information
Q.97 Which of the following best describes 'multi‑factor authentication (MFA)'?
Using one strong password
Using two or more verification methods
Using only a fingerprint
Using only a PIN
Explanation - MFA combines something you know, something you have, or something you are.
Correct answer is: Using two or more verification methods
Q.98 Which of the following is a benefit of using 'Secure Shell (SSH)' for remote device management?
Provides encryption and secure authentication
Increases network latency
Disables firewalls
Allows only local access
Explanation - SSH secures command execution over insecure networks.
Correct answer is: Provides encryption and secure authentication
Q.99 Which of the following is an example of a 'physical access control' device for a substation?
Firewall
Biometric reader
Encryption module
Load balancer
Explanation - Biometric readers restrict physical access to authorized personnel.
Correct answer is: Biometric reader
Q.100 Which of the following is a common method used to secure communication between smart meters and utility servers?
Plain TCP
TLS/SSL
Unencrypted UDP
Local network only
Explanation - TLS/SSL encrypts the traffic, protecting it from eavesdropping.
Correct answer is: TLS/SSL
Q.101 What is the primary function of a 'Network Access Control (NAC)' system in smart grid security?
To control power distribution
To enforce policy on device connectivity to the network
To balance loads
To monitor weather patterns
Explanation - NAC ensures only compliant devices can connect.
Correct answer is: To enforce policy on device connectivity to the network
Q.102 Which of the following best describes 'data confidentiality'?
Ensuring data is not lost
Ensuring only authorized users can view data
Ensuring data is available at all times
Ensuring data is accurate
Explanation - Confidentiality protects data from unauthorized disclosure.
Correct answer is: Ensuring only authorized users can view data
Q.103 Which of the following is a recommended practice for securing smart grid device firmware updates?
Use any available update source
Only update during off‑peak hours
Verify digital signatures before installing
Disable all security checks
Explanation - Signature verification ensures firmware authenticity.
Correct answer is: Verify digital signatures before installing
Q.104 Which of the following protocols is specifically designed for real‑time telemetry in smart grids?
Modbus
DNP3
SNMP
FTP
Explanation - DNP3 is widely used for SCADA telemetry in utilities.
Correct answer is: DNP3
Q.105 What is the main advantage of using 'Authenticated Encryption' (AE) in smart grid communications?
Only encrypts data
Provides both confidentiality and integrity
Reduces bandwidth usage
Increases transmission speed
Explanation - AE ensures data cannot be read or modified undetected.
Correct answer is: Provides both confidentiality and integrity
Q.106 Which of the following is an example of a 'cryptographic hash' function?
AES
RSA
SHA‑256
ECC
Explanation - SHA‑256 is a cryptographic hash used to verify data integrity.
Correct answer is: SHA‑256
Q.107 What is the purpose of 'Network Time Protocol (NTP)' in a smart grid?
To synchronize clocks for accurate event logging
To monitor power usage
To encrypt data
To manage power loads
Explanation - Precise time synchronization is critical for SCADA and fault analysis.
Correct answer is: To synchronize clocks for accurate event logging
Q.108 Which type of attack exploits the lack of authentication in some industrial protocols?
Brute force
Replay
Man-in-the-Middle
Password spraying
Explanation - Without authentication, an attacker can insert themselves between devices.
Correct answer is: Man-in-the-Middle
Q.109 What is a 'security patch' in the context of smart grid devices?
A physical patch for hardware
A software update that fixes vulnerabilities
A new power cable
A firmware downgrade
Explanation - Security patches close known weaknesses in software or firmware.
Correct answer is: A software update that fixes vulnerabilities
Q.110 Which of the following is NOT a typical component of a smart grid cyber security strategy?
Threat intelligence
Regular vulnerability assessments
Unrestricted physical access to substations
Incident response planning
Explanation - Physical access control is a crucial part of security, not a strategy component.
Correct answer is: Unrestricted physical access to substations
Q.111 Which of the following best describes a 'honeypot' in cybersecurity?
A device that stores backup power
A decoy system designed to attract attackers
A network firewall
A power meter
Explanation - Honeypots mimic legitimate systems to study attacker techniques.
Correct answer is: A decoy system designed to attract attackers
Q.112 What is the main function of 'Authentication and Authorization' in smart grid systems?
To balance loads
To verify identity and grant access rights
To encrypt data
To control power output
Explanation - Authentication confirms who is connecting; authorization decides what they can do.
Correct answer is: To verify identity and grant access rights
Q.113 Which of the following is a characteristic of a 'public key cryptosystem'?
Uses the same key for encryption and decryption
Uses a private key for encryption and public key for decryption
Uses a private key for encryption and public key for decryption
Uses no keys
Explanation - Public key cryptography uses a private key to encrypt and a public key to decrypt.
Correct answer is: Uses a private key for encryption and public key for decryption
Q.114 Which of the following is a key benefit of using 'Zero Trust Network Access (ZTNA)' for smart grid devices?
Unlimited device access
Every access request is validated and monitored
No need for authentication
All traffic is unencrypted
Explanation - ZTNA enforces strict verification for each request, reducing risk.
Correct answer is: Every access request is validated and monitored
Q.115 Which of the following is a common method to mitigate 'Denial of Service' attacks on SCADA?
Use of robust firewalls and rate limiting
Removing encryption
Disabling all backups
Increasing physical power lines
Explanation - Firewalls and rate limiting help absorb or block malicious traffic spikes.
Correct answer is: Use of robust firewalls and rate limiting
Q.116 Which of the following best describes 'network segmentation' in smart grid security?
Combining all network devices into one broadcast domain
Separating network into isolated zones to limit attack spread
Increasing network speed
Removing all firewalls
Explanation - Segmentation reduces the attack surface and isolates critical components.
Correct answer is: Separating network into isolated zones to limit attack spread
Q.117 What does the 'principle of least privilege' suggest for smart grid device access?
Give all users admin rights
Provide users only the minimal permissions needed
Remove all user accounts
Grant unrestricted network access
Explanation - Least privilege limits potential damage from compromised accounts.
Correct answer is: Provide users only the minimal permissions needed
Q.118 Which of the following is a key feature of a 'Secure SCADA' system?
Only local monitoring
Open communication protocols
Encryption, authentication, and integrity controls
Unlimited data logging
Explanation - Secure SCADA incorporates security measures to protect SCADA networks.
Correct answer is: Encryption, authentication, and integrity controls
Q.119 Which of the following best defines 'anomaly-based detection' in cybersecurity?
Detection based on known attack signatures
Detection based on deviation from normal behavior
Detection only on known protocols
Detection only on physical breaches
Explanation - Anomaly detection identifies unknown threats by spotting unusual patterns.
Correct answer is: Detection based on deviation from normal behavior
Q.120 Which of the following is a typical component of a smart grid's physical security plan?
Firewalls
Surveillance cameras
Encryption keys
Load balancing
Explanation - Physical security uses cameras to monitor access to critical infrastructure.
Correct answer is: Surveillance cameras
Q.121 What is the main purpose of 'security patches' for smart grid devices?
To increase device performance
To fix vulnerabilities and protect against known attacks
To change device color
To add new features
Explanation - Security patches close gaps that attackers could exploit.
Correct answer is: To fix vulnerabilities and protect against known attacks
Q.122 Which of the following is NOT a common form of cyber attack on smart grid systems?
Phishing
Physical sabotage
SQL injection
Water pollution
Explanation - Water pollution is unrelated to cyber security.
Correct answer is: Water pollution
Q.123 Which protocol is used for secure device authentication and configuration in many smart grid devices?
SSH
Telnet
SMTP
FTP
Explanation - SSH provides encrypted command line access for secure device management.
Correct answer is: SSH
Q.124 What is the primary goal of 'intrusion prevention systems (IPS)' in a smart grid?
To detect and block malicious traffic in real time
To store logs only
To balance loads
To provide internet connectivity
Explanation - IPS actively stops threats, complementing IDS alerting.
Correct answer is: To detect and block malicious traffic in real time
Q.125 Which of the following is an example of 'network segmentation' benefit?
Reduced physical infrastructure
Easier network management
Limiting the impact of a security breach
All of the above
Explanation - Segmentation confines attacks to smaller network sections.
Correct answer is: Limiting the impact of a security breach
Q.126 Which of the following best describes 'confidentiality' in cybersecurity?
Ensuring data is not modified
Ensuring data is not disclosed to unauthorized parties
Ensuring data is always available
Ensuring data is accurate
Explanation - Confidentiality protects information from being accessed by unauthorized users.
Correct answer is: Ensuring data is not disclosed to unauthorized parties
Q.127 What does a 'Digital Signature' provide in smart grid communications?
Confidentiality of data
Data integrity and non‑repudiation
Encryption of the entire network
Automatic device updates
Explanation - Digital signatures verify authenticity and prevent denial of sending actions.
Correct answer is: Data integrity and non‑repudiation
Q.128 Which type of encryption algorithm uses the same key for both encryption and decryption?
Symmetric key
Asymmetric key
Hash function
Compression algorithm
Explanation - Symmetric algorithms use a single key for encryption and decryption.
Correct answer is: Symmetric key
Q.129 What is the primary advantage of 'Secure Boot' in IoT devices?
Faster boot times
Prevents execution of unauthorized firmware
Increases power consumption
Improves connectivity
Explanation - Secure Boot checks firmware signatures before executing, ensuring integrity.
Correct answer is: Prevents execution of unauthorized firmware
Q.130 Which of the following best describes 'Zero‑Trust Architecture'?
All devices are trusted by default
Every access attempt is verified, regardless of origin
Only internal traffic is allowed
No authentication is required
Explanation - Zero Trust treats all traffic as potentially hostile.
Correct answer is: Every access attempt is verified, regardless of origin
Q.131 Which of the following is a typical feature of an 'Intrusion Detection System (IDS)'?
Blocking all traffic
Monitoring traffic for suspicious patterns
Encrypting all data
Balancing loads
Explanation - IDS detects but does not block traffic; it alerts administrators.
Correct answer is: Monitoring traffic for suspicious patterns
Q.132 What does 'Patch Management' help prevent?
Hardware wear
Software vulnerabilities exploitation
Physical damage to transformers
Network latency
Explanation - Regular patching closes known security gaps.
Correct answer is: Software vulnerabilities exploitation
Q.133 Which of the following is an example of an 'Internet of Things (IoT)' device in a smart grid?
High voltage transformer
Smart meter
Cooling tower
Electrical substation
Explanation - Smart meters are IoT devices that communicate consumption data.
Correct answer is: Smart meter
Q.134 Which of the following describes a 'phishing' attack?
An attacker uses a false website to trick users into revealing credentials
An attacker physically damages equipment
An attacker floods a network with traffic
An attacker changes voltage levels
Explanation - Phishing is a social engineering technique that deceives users.
Correct answer is: An attacker uses a false website to trick users into revealing credentials
Q.135 What is the purpose of 'Data Encryption' in smart grid communication?
To increase speed
To protect data from eavesdropping
To reduce power usage
To allow free access to data
Explanation - Encryption keeps information confidential during transmission.
Correct answer is: To protect data from eavesdropping
Q.136 Which of the following is an example of 'Physical Layer Security'?
Password policies
CCTV cameras at a substation
Firewall rules
Encryption algorithms
Explanation - Physical security addresses threats to the actual hardware and location.
Correct answer is: CCTV cameras at a substation
Q.137 Which of the following is a key principle of 'defense in depth'?
Using a single security tool
Layering multiple security controls
Removing all security measures
Only focusing on physical security
Explanation - Defense in depth provides redundancy and layered protection.
Correct answer is: Layering multiple security controls
Q.138 What is the main benefit of 'Network Time Protocol (NTP)' synchronization in SCADA systems?
Improved power output
Accurate event logging and coordination
Lower latency
Reduced power consumption
Explanation - Synchronized timestamps enable precise fault analysis and coordination.
Correct answer is: Accurate event logging and coordination
Q.139 Which of the following is a characteristic of a 'public key cryptosystem'?
Same key for encryption and decryption
Private key used for encryption, public key for decryption
Public key used for encryption, private key for decryption
No keys are used
Explanation - Public key cryptography uses a public key for encryption and a private key for decryption.
Correct answer is: Public key used for encryption, private key for decryption
Q.140 Which of the following is a common method to secure communication between smart meters and the utility server?
Plain text TCP
TLS/SSL over HTTP
Unencrypted UDP
Only local network traffic
Explanation - TLS/SSL encrypts traffic, ensuring confidentiality and integrity.
Correct answer is: TLS/SSL over HTTP
Q.141 Which of the following best describes a 'security baseline'?
A set of standard security controls that provide a starting point for protection
A list of all physical devices
A backup of all data
A list of all employees
Explanation - Baseline configurations help maintain consistent security levels.
Correct answer is: A set of standard security controls that provide a starting point for protection
Q.142 Which of the following best describes 'data integrity' in cybersecurity?
Ensuring data is not lost
Ensuring data is always available
Ensuring data cannot be altered without detection
Ensuring data is accurate
Explanation - Data integrity protects against unauthorized changes to information.
Correct answer is: Ensuring data cannot be altered without detection
Q.143 What is the purpose of 'two‑factor authentication' in smart grid security?
To reduce password complexity
To add an extra verification step beyond a single password
To speed up login times
To eliminate passwords altogether
Explanation - 2FA combines something you know and something you have, boosting security.
Correct answer is: To add an extra verification step beyond a single password
Q.144 Which of the following is NOT a typical method to secure a smart grid network?
Firewall deployment
Encrypted communications
Open wireless access
Regular patching
Explanation - Open wireless access exposes devices to unauthorized connections and attacks.
Correct answer is: Open wireless access
Q.145 Which of the following best describes a 'man‑in‑the‑middle' attack?
An attacker physically breaks a transformer
An attacker intercepts and potentially modifies communications between two parties
An attacker floods a network with traffic
An attacker steals credentials via phishing
Explanation - MITM attacks occur when an attacker sits between legitimate participants.
Correct answer is: An attacker intercepts and potentially modifies communications between two parties
Q.146 Which of the following is a key feature of a 'secure SCADA' system?
Open communication protocols
Encryption and authentication of all communications
Unlimited device access
No monitoring of logs
Explanation - Secure SCADA applies cryptographic protections to control traffic.
Correct answer is: Encryption and authentication of all communications
Q.147 Which of the following describes a 'honeypot' in cybersecurity?
A decoy system designed to attract attackers
A secure firewall
An encrypted communication channel
A power storage device
Explanation - Honeypots mimic legitimate assets to study attack techniques.
Correct answer is: A decoy system designed to attract attackers
Q.148 Which of the following is a typical method to protect SCADA devices from unauthorized firmware updates?
Allow updates from any source
Only update during off‑peak hours
Verify digital signatures before installing
Disable all security checks
Explanation - Signature verification ensures firmware authenticity.
Correct answer is: Verify digital signatures before installing
Q.149 Which of the following is a benefit of using 'authenticated encryption' in smart grid communications?
Only confidentiality
Confidentiality and integrity in a single step
Increased power consumption
Reduced data size
Explanation - Authenticated encryption (e.g., AES‑GCM) protects both secrecy and authenticity.
Correct answer is: Confidentiality and integrity in a single step
Q.150 Which of the following best describes a 'Zero Trust Network Access (ZTNA)' system?
All traffic is allowed
Every access request is verified and monitored
Only local traffic is allowed
No authentication is required
Explanation - ZTNA enforces strict verification for every request.
Correct answer is: Every access request is verified and monitored
Q.151 Which of the following is a common method to mitigate a Denial‑of‑Service attack on a SCADA system?
Using robust firewalls and rate limiting
Disabling encryption
Removing all backups
Increasing physical power lines
Explanation - These measures help absorb or block malicious traffic spikes.
Correct answer is: Using robust firewalls and rate limiting
Q.152 Which of the following best describes 'network segmentation' in smart grid security?
Combining all network devices into one broadcast domain
Separating network into isolated zones to limit attack spread
Increasing network speed
Removing all firewalls
Explanation - Segmentation reduces the attack surface and isolates critical components.
Correct answer is: Separating network into isolated zones to limit attack spread
Q.153 Which of the following is a key feature of a Secure SCADA system?
Encryption, authentication, and integrity controls
Open communication protocols
Unlimited device access
No monitoring of logs
Explanation - Secure SCADA incorporates cryptographic protections.
Correct answer is: Encryption, authentication, and integrity controls