ICS-SCADA Exam Dumps : ICS/SCADA Cyber Security Exam

One weakness of a vulnerability scanner is that it is not designed to go through filters or bypass security controls like firewalls or intrusion detection systems. Vulnerability scanners typically perform well in identifying known weaknesses within the perimeter of a network or system but might not effectively assess systems that are shielded by robust security measures, which can filter out the scanner's attempts to probe or attack.References:

National Institute of Standards and Technology (NIST), "Technical Guide to Information Security Testing and Assessment".

Port mirroring (also known as SPAN - Switched Port Analyzer) is considered one of the best ways to counter packet monitoring on a switch. This technique involves copying traffic from one or more switch ports (or an entire VLAN) to another port where the monitoring device is connected. Port mirroring allows administrators to monitor network traffic in a non-intrusive way, as it does not affect network performance and is transparent to users and endpoints on the network.References:

Cisco Systems, "Catalyst Switched Port Analyzer (SPAN) Configuration Example".

A vulnerability that is exploited before the vendor has issued a patch or even before the vulnerability is known to the vendor is referred to as a "zero-day" vulnerability. The term "zero-day" refers to the number of days the software vendor has had to address and patch the vulnerability since it was made public—zero, in this case.References:

Symantec Security Response, "Zero Day Initiative".