Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:

Performing a penetration test against an environment with SCADA devices brings additional safety risk because the:
A . devices produce more heat and consume more power.
B . devices are obsolete and are no longer available for replacement.
C . protocols are more difficult to understand.
D . devices may cause physical world effects.

View Answer

Answer: D

Explanation:

"A significant issue identified by Wiberg is that using active network scanners, such as Nmap, presents a weakness when attempting port recognition or service detection on SCADA devices. Wiberg states that active tools such as Nmap can use unusual TCP segment data to try and find available ports. Furthermore, they can open a massive amount of connections with a specific SCADA device but then fail to close them gracefully." And since SCADA and ICS devices are designed and implemented with little attention having been paid to the operational security of these devices and their ability to handle errors or unexpected events, the presence idle open connections may result into errors that cannot be handled by the devices.

Reference: https://www.hindawi.com/journals/scn/2018/3794603/