2.7 Explain the importance of physical security controls.

Question 1

Used to control both foot traffic and vehicles. K-rails (often seen during road construction), large planters, zigzag queues, bollards, and tire shredders are all examples of barricades.

Answer 1

BOLLARDS

Question 2

A small room with two doors: one in the trusted environment and one opening to the outside. Access control vestibules often contain scales and cameras to prevent piggybacking.

Answer 2

ACCESS CONTROL VESTIBULE/ MANTRAPS

Question 3

When an employee is terminated or otherwise departs the organization, badges should be retrieved and destroyed. A facility’s security policy may require that badges be worn in plain view by each authorized person. Badges should be designed with security features to minimize the ability of intruders to replicate or duplicate. Day passes and/or visitor badges should be clearly marked as such with bright colors for easy recognition from a distance, especially for escort required visitors.

Answer 3

BADGES

Question 4

Systems designed to detect attempted intrusion, breach, or attack; the use of an unauthorized entry point; or the occurrence of some specific event at an unauthorized or abnormal time.

Answer 4

ALARMS

Question 5

Can be used to declare areas off-limits to those who are not authorized, indicate that security cameras are in use, and disclose safety warnings.

Answer 5

SIGNAGE

Question 6

Video surveillance, video monitoring, closed-circuit television (CCTV), and security cameras are all means to deter unwanted activity and create a digital record of the occurrence of events.

Answer 6

CAMERAS

Question 7

Some cameras are activated through motion recognition. Some can even automatically indentify individuals and track their motion across the monitored area. See section 2.4 heading “Gait analysis.” Simple motion recognition or triggered cameras may be fooled by animals, birds, insects, weather, or foliage. Motion recognition can trigger a retention of video or notify security personnel of the event.

Answer 7

Motion recognition (Cameras)

Question 8

Some cameras are capable of object detection, which can include faces, devices, and weapons. Detection of an object or person could trigger retention of video, notification of security personnel, closing/locking doors, and/or sounding an alarm.

Answer 8

Object detection (Cameras)

Question 9

a security camera system that resides inside an organization’s facility and is usually connected to monitors for the security guards to view as well as to a recording device. Most traditional CCTV systems have been replaced by remote controlled IP cameras.

Answer 9

Closed-circuit television (CCTV)

Question 10

The attempt to mask or hide the actual function, purpose, or operations of a facility by providing a façade presenting a believable or convincing alternative.

Answer 10

Industrial camouflage

Question 11

People can be used as protection components, and defenses against unauthorized personnel are needed as well.

Answer 11

PERSONNEL

Question 12

These are able to adapt and react to various conditions or situations, learn and recognize attack and intrusion activities and patterns, adjust to a changing environment, and make decisions and judgment calls.

Answer 12

Guards (Personnel)

Question 13

These can be used to automatically patrol an area to look for anything out of place. They often use facial recognition to identity authorized individuals as well as potentially identify intruders.

Answer 13

Robot sentries (Personnel)

Question 14

This can be used as a choke point to block access to unauthorized visitors. This area should be segregated from the security areas with locked doors and monitored by security cameras. If a visitor is authorized, then an escort can be assigned to accompany them around the facility. If a valid worker arrives, the person staffing this area may be able to “buzz” the door open for them. Any unauthorized visitors can be asked to leave, security guards can be brought to bear, or police can be called.

Answer 14

Reception (Personnel)

Question 15

A security procedure where any changes to an environment or system must be approved by two different people before the alteration is applied or committed. Any sensitive or risky activity requires two admins to agree to perform the task. This type of control can be useful in managing access to a backup or escrow of encryption keys/certificates as well as authorizing production deployment of updates or applications from development or a software library.

Answer 15

Two-person integrity/control (Personnel)

Question 16

These can be controlled in such a way that only authorized people can unlock and/or enter through them.
These are used to keep doors and containers secured to protect assets.

Answer 16

LOCKS

Question 17

Doors used to control entrance into secured areas can be protected by biometric locks. Only after the biometric is verified is the door unlocked and the person allowed entry. When biometrics are used to control entrance into secured areas, they serve as a mechanism of identity proofing as well as authentication.

Answer 17

Biometrics (Locks)

Question 18

Many door access systems, whether supporting biometrics, smart cards, or even PINs, are designed around the electronic access control (EAC) concept (a.k.a. digital locks and crypto locks). An EAC system is a door-locking and door-access mechanism that uses an electromagnet to keep a door closed, a reader to accept access credentials, and a door-close spring and sensor to ensure that the door recloses within a reasonable timeframe.

Answer 18

Electronic (Locks)

Question 19

Hardware or physical conventional locks are used to keep specific doors or other access portals closed and prevent entry or access to all but authorized individuals. With the risks of lock picking and bumping, locks resistant to such attacks must be used whenever valuable assets are to be protected from tampering or theft. Physical locks include conventional locks, deadbolts, dual-key locks, and padlocks.

Answer 19

Physical (Locks)

Question 20

A cable lock is used to protect smaller devices and equipment by making them more difficult to steal. A cable lock usually isn’t an impenetrable security device, since most portable systems are constructed with thin metal and plastic. However, a thief will be reluctant to swipe a cable-locked device, because the damage caused by forcing the cable lock out of the K-Slot will be obvious when they attempt to pawn or sell the device.

Answer 20

Cable locks (Locks)

Question 21

A hardware adapter placed between a USB cable and the USB port on a PC. This device blocks the data channels of a USB device from connecting with the storage capabilities of a system. Such devices allow for powering/recharging of a USB device without the risk of data transfer (such as malware).

Answer 21

USB DATA BLOCKER

Question 22

A commonly used form of perimeter security control. Its primary purpose is to discourage casual intruders, trespassers, prowlers, or would-be thieves who would rather perform their misdeeds in the dark, such as vandalism, theft, and loitering.

Answer 22

LIGHTING

Question 23

A perimeter-defining device. It protects against casual trespassing and clearly identifies the geographic boundaries of a property.

Answer 23

FENCING

Question 24

A controlled exit and entry point in a fence.

Answer 24

GATE

Question 25

Early detection and suppression of this will ensure that less damage is caused to the facility and equipment. Personnel safety is always of utmost importance.

Answer 25

FIRE SUPPRESSION

Question 26

A hardware or software tool used to monitor an activity or event to record information or at least take notice of an occurrence.

Answer 26

SENSORS

Question 27

A device that senses movement or sound in a specific area. Many types of motion detection exist, including infrared, heat, wave pattern, capacitance, photoelectric, and passive audio. The proper technology of motion detection should be selected for the environment where it will be deployed to minimize false positives and false negatives.

Answer 27

Motion detection (Sensors)

Question 28

A device that focuses on detecting a specific noise, such as the breaking of glass, or of an abnormal noise, such as a door opening at 3 a.m. when no one should be present.

Answer 28

Noise detection (Sensors)

Question 29

Proximity devices can be used to control physical access. A proximity device or proximity card can be a passive device, a field-powered device, or a transponder. When a proximity device passes a proximity reader, the reader is able to determine who the bearer is and whether they have authorized access. The passive proximity device has no active electronics; it is just a small magnet. A fieldpowered proximity device has electronics that activate when the device enters a specific magnetic field [see section 1.4 heading “Radio frequency identification (RFID)”]. A transponder proximity device is self-powered and transmits a signal received by the reader. This can occur continuously or only at the press of a button.

Answer 29

Proximity reader (Sensors)

Question 30

is a device that senses movement or sound in a specific area. Many types of motion detection exist, including infrared, heat, wave pattern, capacitance, photoelectric, and passive audio. The proper technology of motion detection should be selected for the environment where it will be deployed to minimize false positives and false negatives.

Answer 30

Moisture detection (Sensors)

Question 31

See section 1.4 headings “Radio frequency identification (RFID)” and “Near-field communication (NFC)” as well as section 2.4 heading “Smart card authentication.”

Answer 31

Cards (Sensors)

Question 32

See section 2.6 heading “Heating, ventilation, air conditioning (HVAC).”

Answer 32

Temperature (Sensors)

Question 33

See section 2.6 heading “Aircraft.”

Answer 33

DRONES/UAV

Question 34

Visitor logs are a manual or automated list of non-employee entries or access to a facility or location. Employee logs may also be useful for access tracking and verification. Logs of physical access should be maintained. These can be created automatically through the use of smart cards or manually by a security guard. The physical access logs establish context for the interpretation of logical logs. Logs are helpful in an emergency to determine whether everyone has escaped a building safely.

Answer 34

VISITOR LOGS

Question 35

An enclosure that blocks or absorbs electromagnetic fields or signals.

Answer 35

FARADAY CAGES

Question 36

An air gap is when there is no physical communication pathway (wired or wireless) between devices or networks. Air gaps are a network segmentation and isolation technique.

Answer 36

AIR GAP

Question 37

An extension of a private network where Internet users can access services such as the web and email to provide controlled public access to company resources while still allowing internal clients to access the services. See section 3.3 heading “Screened subnet (previously known as demilitarized zone).”

Answer 37

SCREENED SUBNET/DEMILITARIZED ZONE (DMZ)

Question 38

The means by which cables are protected against unauthorized access or harm.

Answer 38

PROTECTED CABLE DISTRIBUTION/PROTETED DISTRIBUTION SYSTEM (PDS)

Question 39

protected locations in a facility where access is restricted to only specifically authorized personnel.

(Page 219).

Answer 39

SECURE AREAS

Question 40

An air gap is when there is no physical communication pathway (wired or wireless) between devices or networks. Air gaps are a network segmentation and isolation technique.

Answer 40

Air gap (SECURE AREAS)

Question 41

A permanent safe or strongroom that is integrated into a building’s construction.

Answer 41

Vault (SECURE AREAS)

Question 42

A movable secured container that is not integrated into a building’s construction. Any portable device or removable media containing highly sensitive information should be kept locked securely in a safe when not in active use.

Answer 42

Safe (SECURE AREAS)

Question 43

A means of maintaining optimum operating temperature in large server rooms.

Answer 43

Hot/Cold aisle (SECURE AREAS)

Question 44

Focuses on the secure disposal and destruction of storage media and printed material.

Answer 44

SECURE DATA DESTRUCTION

Question 45

Burning or incineration can be an effective means to destroy paperwork as well as media storage devices.

Answer 45

Burning (SDD)

Question 46

Shredding is the tearing or cutting of media into small pieces. Shredding can be an effective destruction technique for both paperwork and media storage devices; however, different equipment will be needed for these two techniques.

(Page 218).

Answer 46

Shredding (SDD)

Question 47

Pulping is a paperwork destruction process that involves shredding paper and mixing it with a liquid to create a fibrous mush.

Answer 47

Pulping (SDD)

Question 48

Pulverizing is a means of device destruction that goes beyond the shredding level to a point where the devices are reduced to fragments or powder.

Answer 48

Pulverizing (SDD)

Question 49

Degaussing is a means of media storage device data destruction using strong magnetic fields. It is effective only on magnetic media, such as hard drives and tapes; it is not effective on other forms of media, such as optical discs, SSDs, and flash memory cards.

Answer 49

Degaussing (SDD)

Question 50

There are third-party solutions or services that will perform paperwork and media destruction on site or off site.

Answer 50

Third-party solutions (SDD)