9) Physical Security

Question 1

Security guards and guard dogs are a part of which type(s) of physical security controls?

a) Detective
b) Environmental
c) Preventive
d) Deterrent

Answer 1

a) Detective
c) Preventive
d) Deterrent

Question 2

Which storage media is least sensitive to temperature, humidity, magnetic fields, and impacts?

a) Floppy disks
b) Optical media
c) Magnetic media
d) Flash media

Answer 2

d) Flash media

Question 3

The top three safety concerns for an organization are prioritized and one criterion is the relative ease of replacement. The first concern is always ___, followed up with ___, and then ___.

Choose from data, equipment, and people.

Answer 3

people, data, equipment

Question 4

Deterrent, detective, and preventive security controls, when used in isolation, are not a complete solution. To have a stronger, more complete solution, we need to use ___.

a) defense in depth
b) RAID
c) environmental controls
d) CIA

Answer 4

a) defense in depth

Question 5

A type of security that is concerned with the protection of people, equipment, and data.

Answer 5

Physical security

Question 6

The plans we put in place to ensure that critical business functions can continue operations in the event of an emergency.

Answer 6

BCP

Question 7

BCP is the plans we put in place to ensure that critical business functions can continue operations in the event of an emergency. What does BCP stand for?

Answer 7

Business continuity planning

Question 8

The plans we put in place in preparation for a potential disaster, and what exactly we will do during and after.

Answer 8

DRP

Question 9

DRP is the plans we put in place in preparation for a potential disaster, and what exactly we will do during and after. What does DRP stand for?

Answer 9

Disaster recovery planning

Question 10

The devices, systems, people, and other methods we put in place to ensure our security in a physical sense.

Answer 10

Physical security controls

Question 11

Name three main types of physical controls.

Answer 11

Deterrent, detective, and preventive

Question 12

Controls designed to discourage those who might seek to violate our security controls.

Answer 12

Deterrent controls

Question 13

Controls designed to detect and report undesirable events that are taking place.

Answer 13

Detective controls

Question 14

Controls designed to physically prevent unauthorized entities from breaching our physical security.

Answer 14

Preventive controls

Question 15

Data that is unintentionally left behind on a storage device.

Answer 15

Residual data

Question 16

Name the main considerations for protecting people.

Answer 16

Safety, evacuation plans, administrative controls

Question 17

Name the main considerations for protecting data.

Answer 17

Availability, residual data, backups

Question 18

Name the main considerations for protecting equipment.

Answer 18

Equipment and facility repair/replacement

Question 19

What planning process ensures that critical business functions can continue to operate during an emergency?

Answer 19

Business continuity planning

Question 20

What planning process ensures that we can respond appropriately during and after a disaster?

Answer 20

Disaster recovery planning

Question 21

Which of the options below demonstrates all three types of physical security controls: deterrent, detective, and preventive?

a) A burglar alarm
b) A guard dog
c) A locked door
d) A warning sign
e) An employee policy

Answer 21

b) A guard dog

Question 22

Your company has an office full of expensive computer equipment to protect. You recommend a variety of approaches, including a security guard stationed at the entrance, a high fence around the property, and key card entry to all nonpublic areas. What security concept are you recommending to protect your company’s assets?

Answer 22

Defense in depth

Question 23

You work for a small company that has just upgraded its data servers. The new servers are up and running, and normal operations have resumed. The company plans to sell its old equipment. What is your primary concern before they auction off the old hardware?

Answer 23

Residual data