OBJECTIVE 04 — OT (OPERATIONAL TECHNOLOGY) CONCEPTS AND ATTACKS
WHAT IS OT — CORE DEFINITION (EXAM)
Term                          Definition
Operational Technology (OT)   Hardware and software systems used to monitor, control, and automate physical industrial processes
MEMORY HOOK: OT controls the physical world
OT VS IT (VERY HIGH-YIELD EXAM TABLE)
Aspect         IT               OT
Focus          Data             Physical processes
Priority       Confidentiality  Availability & Safety
Downtime       Tolerable        Dangerous
Patch cycles   Frequent         Rare
Devices        Servers, PCs     PLCs, RTUs
Protocols      TCP/IP           Industrial protocols
MEMORY HOOK: IT = data, OT = safety
WHERE OT IS USED (EXAM CONTEXT)
Industries:
- Power plants
- Water treatment
- Oil & gas
- Manufacturing
- Transportation
- Chemical plants
- Smart grids
CORE OT COMPONENTS (MUST MEMORIZE)
PLC — DETAILED EXPLANATION
Item      Explanation
PLC       Programmable Logic Controller
Purpose   Control machinery and processes
Input     Sensor signals
Output    Actuator commands
MEMORY HOOK: PLC = industrial brain
RTU — DETAILED EXPLANATION
Item      Explanation
RTU       Remote Terminal Unit
Purpose   Monitor and control remote systems
Used in   SCADA
MEMORY HOOK: RTU = remote PLC
HMI — DETAILED EXPLANATION
Item      Explanation
HMI       Human Machine Interface
Purpose   Operator interaction
Example   Control panel screen
MEMORY HOOK: HMI = human control panel
SCADA — CORE DEFINITION
Term      Definition
SCADA     Supervisory Control and Data Acquisition
SCADA FUNCTIONS
- Monitoring
- Control
- Data acquisition
- Alarm handling
MEMORY HOOK: SCADA supervises everything
OT ARCHITECTURE (EXAM FAVORITE)
ISA/IEC 62443 ZONE MODEL
Level     Description
Level 0   Physical process
Level 1   Sensors & actuators
Level 2   Control systems (PLCs)
Level 3   Operations (SCADA/HMI)
Level 4   IT systems
Level 5   Enterprise network
MEMORY HOOK: 0 = process, 5 = business
COMMON OT PROTOCOLS (CRITICAL)
MODBUS — EXPLAINED
Item       Explanation
Modbus     Industrial communication protocol
Security   NONE by default
Risk       Read/write registers
MEMORY HOOK: Modbus = no auth
DNP3 — EXPLAINED
Item      Explanation
DNP3      Distributed Network Protocol
Used in   Power utilities
Risk      Weak encryption
PROFIBUS / PROFINET
Protocol    Use
PROFIBUS    Field-level comms
PROFINET    Ethernet-based
BACNET
Protocol    Use
BACnet      Building automation, HVAC systems
OT THREAT LANDSCAPE (EXAM)
WHY OT SYSTEMS ARE VULNERABLE
Reasons:
- Legacy systems
- No authentication
- Flat networks
- Long lifecycle
- Safety over security
MEMORY HOOK: Old + critical = vulnerable
OT ATTACK TYPES (MUST MEMORIZE)
1. UNAUTHORIZED COMMAND EXECUTION
Impact:
- Equipment damage
- Safety incidents
2. PROCESS MANIPULATION
Examples:
- Altering sensor values
- False readings
MEMORY HOOK: Lying sensors = chaos
3. DENIAL OF SERVICE (OT)
Impact:
- Production shutdown
- Physical damage
4. MAN-IN-THE-MIDDLE (OT)
Effect:
- Command modification
- Data manipulation
5. RANSOMWARE IN OT
Impact:
- Plant shutdown
- Safety risk
FAMOUS OT ATTACKS (EXAM RECOGNITION)
STUXNET (VERY IMPORTANT)
Features:
- Targeted PLCs
- Sabotaged centrifuges
- Used zero-days
- First cyber-weapon
MEMORY HOOK: Stuxnet = cyber-physical attack
TRITON / TRISIS
Features:
- Targeted safety systems
- Potential lethal impact
BLACKENERGY
Features:
- Power grid attack
- Ukraine blackout
OT ATTACK FLOW (EXAM LOGIC)
1. Initial IT network compromise
2. Lateral movement to OT
3. Protocol abuse
4. Process manipulation
5. Physical impact
MEMORY HOOK: IT breach → OT damage
OT SECURITY CHALLENGES (EXAM TRAPS)
Challenges:
- Cannot patch easily
- Downtime unacceptable
- Limited logging
- No encryption
OBJECTIVE 04 — EXAM MEMORY BLOCK
OT systems control physical processes and prioritize availability and safety. They use PLCs, RTUs, HMIs, and SCADA systems. Legacy protocols lack authentication and encryption. Attacks can cause real-world physical damage. Stuxnet proved cyber attacks can destroy infrastructure.