ISA Certified Automation Professional (CAP) program

CAP logo

Certified Automation Professionals (CAPs) are responsible for the direction, design, and deployment of systems and equipment for manufacturing and control systems.

CAP question

Which of the following practices will not necessarily enhance login security for process control system software?

A. Use a firewall as a gatekeeper between the network system and the Internet and set up a system to automatically install software upgrades.
B. Use alphanumeric passwords with at least one capital letter if the protection system is case-sensitive.
C. Change passwords regularly.
D. Assign a user access level commensurate with job function.

CAP Answer

The correct answer is A, "Use a firewall as a gatekeeper between the network system and the Internet and set up a system to automatically install software upgrades". Answers B, C, and D all describe ways to enhance login security for process control system software through application of best practices: password complexity, user access level management, and aging of passwords.

Allowing automatic software updates through a firewall between the control network and the Internet is not a good security practice. Software updates should be initiated from within the control system network after being fully tested and vetted in a nonproduction environment that is representative of the control network. This prevents critical automation systems from being shut down or halted erroneously.

Reference: Sands, Nicholas P. & Verhappen, Ian, A Guide to the Automation Body of Knowledge, Third Edition, ISA Press, 2018.

 

Reader Feedback

We want to hear from you! Please send us your comments and questions about this topic to InTechmagazine@isa.org.