2.7 physical security controls

Question 1

Screened subnet

Answer 1

uses a single firewall with three network interfaces.

public internet, intranet, DMZ

Question 2

Air gap

Answer 2

physical seperation between networks
physically isolates a secure computer network from unsecured networks

Question 3

sanitizing media

Answer 3

the process of removing data from storage media so that it can’t be easily retrieved or reconstructed

• Physical destruction: The best method for media that will not be reused. This includes shredding, pulverizing, melting, incineration, and disintegration.
• Data erasure: This includes data deletion, reformatting, and factory resets.
• Cryptographic erasure: This includes data masking.
• Degaussing: This method uses a magnetic pulse to destroy the magnetic domains on disk platters. It works on hard drives, tape, floppy disks, and magnetic stripe cards.
• Clearing: This method uses software or hardware to overwrite all user-addressable storage space.
• Purge uses state-of-the-art laboratory overwrite, block erase, and cryptographic erase methods. It provides a higher level of media sanitization than Clear and is thus used when handling more confidential data.