5.1 Physical Security Flashcards

1
Q

What is physical security?

A

Security principals put in place to protect people, equipment and facilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are business continuity planning?

A

Plans you put in place to ensure critical business functions can continue in place of an emergency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are disaster recovery plans?

A

Plans put in place to prepare for a potential disaster, including what to do during and after.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the three major concerns for physical security, in order of importance?

A

People, data, equipment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the three main kinds of physical security measures?

A

deterrent, detective, preventive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are examples of Deterrent controls?

A

Signs outside a building - being recorded, beware dogs/ These will only help keep honest people honest.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are examples of detective controls?

A

Burglar systems. systems that check for unauthorized activities. Includes humans and animal guards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are examples of preventive controls?

A

Physical means to protect - high walls, mechanical locks, bollards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Why might you want to use RAID?

A

As a backup - since a RAID can store information and the infrastructure used to access it - important when data needs to be access remotely all the time incase primary system fails.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is physical security’s most important concern?

A

Protecting people

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What type of physical access control might you put in place to block access to a vehicle?

A

Bollards

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Can you give three examples of physical controls that work as deterrents?

A

Signs - human guard - video recording

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Can you give an example of how a living organism might constitute a threat to your equipment?

A

Small insects can chew wires causing shorts - interfere with cooling fans

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Which category of physical control might include a lock?

A

preventive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is residual data, and why is it a concern when protecting the security of your data?

A

data left in disposed hard drives, printers, fax machines that may have internal storage. These items need to be fully erased.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is your primary tool for protecting people?

17
Q

What are some physical concerns for protecting people?

A

extreme temps - water - living organisms, mold, Energy anomalies including microwaves, electrical faults by poor insulation. ** Other People are dangerouse

18
Q

During an emergency (physical) what should you prioritize?

A

Evacuating

19
Q

What are Administrative Controls?

A

Policies, procedures, and guidelines, regulations and laws.

20
Q

Examples of administrative controls?

A

Background Checks, drug tests, NDA’s (non disclosure agreements

21
Q

Whats the primary way to protect data?

A

Encrypt it

22
Q

What physical concerns are there for the following?
-Magnetic
-Flash
-Optical

A

Magnetic - jolting while in motion, magnetic fields
Flash - Crushing the chip, electrical shocks
Optical - scratching the surface, CD, temp sensitive

23
Q

What is RAID?

A

Redundant Arrays of Inexpensive Disks

24
Q

What are three physical concerns for equipment damage?

A

Extreme temps (especially heat), liquids, living organisms.

25
Securing access to equipment and facilities involves implementing _____________________ both inside and outside the facility.
multiple layers of security measures
26
* Site selection for facilities should consider potential_______ ________and the ability to mitigate them.
environmental threats
27
How do you avoid residual data?
Properly dispose of it
28
Ensuring data availability involves protecting both the _____________________ of storage media and the ___________ needed to access it.
physical integrity; infrastructure
29
The level of physical security implemented should be consistent with_______________________.
the value of the asset being protected.
30
Identify the 3 Layers of a Defense-in-Depth Strategy
* Physical Controls * Logical Controls * Administrative Controls
31
Identify the 3 Elements of Risk Management in Policies and Procedures
* Risk Identification * Risk Analysis * Risk Mitigation
32
Identify 3 Cybersecurity Concepts that Protect IT Infrastructure
* Firewalls * Intrusion Detection Systems * Multi-Factor Authentication
33
Categorize Security Principles According to Asset Needing Protection Data, Hardware, Software
* Data: Encryption, Backups * Hardware: Locks, Surveillance * Software: Patch Management
34
Classify Threats and Attacks According to CIA Triad -Interception
Interception: Targets confidentiality
35
Classify Threats and Attacks According to CIA Triad, Interruption
Interruption: Targets availability
36
Classify Threats and Attacks According to CIA Triad, Modification
Modification: Targets integrity
37
Classify Threats and Attacks According to CIA Triad - Fabrication
* Fabrication: Targets integrity and authenticity
38
Categorize Control Mechanisms Physical Logical Human Error
* Physical Controls: Tackle physical threats * Logical Controls: Address data threats * Administrative Controls: Human error mitigation
39
What are two advantages of flash media over traditional magnetic media? Speed Security Storage Cost
Speed Cost