05- Physical Security Flashcards
access controls
the use of photo identity cards, swipe cards, biometric identification, or a PIN number
Attack
occurs when a system is compromised based on a vulnerability by an unknown exploit
countermeasure
A way to protect against an attack
Crime prevention through environmental design (CPTED)
a discipline which outlines how the properly designed physical environment can prevent crime by directly affecting human behavior
Fencing
the first line of defense in your list of physical security measures; an effective physical barrier; may not stop an intruder from entering but it can delay the intruder in his attempts and it acts as a deterrent
intrusion detection systems (IDSs)
Detect unauthorized entries; can monitor entries, doors, windows, devices, or removable coverings of equipment; expensive and require human intervention to respond to the alarms
Life safety
protecting human life as the first priority
Lighting
one of the most important aspects of physical security; can act as a deterrent; gives a feeling to the intruder that he could be detected easily
Locks
widely accepted access control mechanisms; slows down intruder
Manmade threats
include unauthorized access ? both internal and external ? explosions, damage by disgruntled employees, employee errors and accidents, vandalism, fraud, and theft
natural access control
The guide of people entering and leaving the environment through doors, fences, lighting, and even landscaping
Natural environmental threats
floods, earthquakes, storms and tornadoes, fires, extreme temperature conditions, and so on
natural surveillance
using and placing physical environmental features, personnel walkways, and activity areas in ways that maximize visibility
perimeter
the place where you must start your defense mechanism
Perimeter security
the first layer of defense
Physical access control systems
use software and auditing features to produce audit trails or access logs pertaining to access attempts
physical access controls
identifying individuals who want to enter a facility or an area
Physical security threats
include interruption of services, theft, fraud, sabotage, vandalism, and accidents
Politically motivated threats
strikes, riots, civil disobedience, terrorist attacks, bombings, etc.
resources
a combination of people, processes, procedures, technology, and equipment
Response procedures
use of fire suppression mechanisms, emergency response processes, law enforcement notification, and consultation with outside security professionals
Safety
the protection of life and assets against fire, natural disasters, and devastating accidents
Security
should protect against vandalism, theft, and attacks by individuals
Supply system threats
power distribution outages, communication interruptions, and interruption of other resources such as water, gas, and air filtration
territorial reinforcement
creates physical designs to emphasize an organization?s physical atmosphere of influence to make legitimate users feel a sense of ownership of that environment
threat
In terms of physical security, a threat is any real or perceived threat to one of these key areas: natural environmental, supply system, manmade, or politically motivate.
Threat profiles
vary from one organization to other; the types of attackers, the capabilities of these attackers, and the resources and tactics these individuals would use
uninterruptible power supplies (UPSs)
use AC line voltage to charge a bank of batteries; short-term solutions compared to generators
Vulnerability
a weak link in the software, settings, etc., through which, if not fixed early, someone can get access to the computer, application, and/or network and can cause damage
