CH18 Facilities Security

Question 1

What is class A handheld fire extinguisher?

Answer 1

solid combustible materials (wood, paper). Use water-based extinguisher (green triangle label. Hint: green triangle for green products like wood and paper).

Question 2

What is class B handheld fire extinguisher?

Answer 2

Flammable gases or liquids. Use a dry chemical agent or CO2-based fire extinguisher. (Red Square labeled)

Question 3

What is class C handheld fire extinguisher?

Answer 3

Electrical fire. First thing to do is shut off the power to the room. This can put out the fire for you. If it doesn’t, then you need to extinguish that fire with a fire extinguisher. Look for C02-based extinguisher (Blue Circle)

Question 4

What is class D handheld fire extinguisher?

Answer 4

Combustible metals like magnesium, titanium, and lithium…. Like laptop batteries. (yellow decagon / star labeled)

Question 5

What is class K handheld fire extinguisher?

Answer 5

composed of cooking oil. (Black hexagon)

Question 6

What is Wet Pipe Sprinkler system ?

Answer 6

filled with water all the way to the sprinkler head and are just waiting for the bulb to be melted or broken

Question 7

What is Dry pipe sprinkler system ?

Answer 7

Pipes are filed with pressurized air and only push water into the pipes when needed to combat the fire (for places that are cold where pipes can freeze if it has water in them)

Question 8

What is Pre-Action sprinkler system ?

Answer 8

will activate when heat or smoke is detected.

Question 9

What is Special hazard protection systems (aka Clean Agent System) ?

Answer 9

ire suppression system that relies upon gas (Halon, FM-200, or CO2) instead of water to extinguish a fire

Question 10

What is the correct level for Humidity in the server room?

Answer 10

40%

Question 11

What are ICS and SCADA in terms of HVAC system?

Answer 11

HVAC systems can be connected to ICS (industrial control systems) and SCADA (supervisory control and data acquisition systems) networks. This is a specialized network that’s going to control all of your manufacturing and facility systems. This allows a remote operator to maintain awareness of the humidity and temperature in various parts of the building, and insure that the HVAC is functioning properly all the times.

Question 12

What is STP in regards to shielding?

Answer 12

STP - Shielded Twisted Pair

STP adds a layer of shielding inside the cable.

You should also shield your HAVC systems to prevent it from generating electromagnetic interference that could interfere with your network

Question 13

What is Faraday Cage?

Answer 13

Shielding installed around an entire room that prevents electromagnetic energy and radio frequencies from entering or leaving the room

Question 14

What is TEMPTEST in regards to shielding?

Answer 14

US government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility.

TEMPEST facilities are also resistant to EMPs (electromagnetic pulses)

Question 15

What is CAN in regards to Vehicular vulnerabilities?

Answer 15

CAN = Controller Area Network

a digital serial data communications network used within vehicles

Question 16

What is OBD-II in terms of Vehicular vulnerabilities?

Answer 16

OBD-II = Onboard Diagnostics module.

it is the primary external interface of an electric vehicle.

Question 17

What are the 3 vehicular vulnerabilities?

Answer 17

OBD-II - Hackers can attach an exploit locally to the OBD-II
onboard cellular - Hackers can exploit over onboard cellular
and onboard WiFi - Hackers can exploit over onboard Wi-Fi

Question 18

What is IoT ?

Answer 18

IoT = Internet of Things

a group of objects (electronic or not) that are connected to the wider Internet by using embedded electronic components.

Question 19

What is Embedded Systems?

Answer 19

a computer system that is designed to perform a specific dedicated function.

(Ex: microcontroller in a medical drip system.
A control system at a water treatment plant)

Embedded systems are considered static environments where frequent changes are not made or allowed. They have very little support for identifying and correcting security issues.

Question 20

What is PLC in regards to embedded system?

Answer 20

PLC = Programmable Logic Controller

a type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems.

PLC runs on firmware which can be patched and reprogrammed to fix vulnerabilities

Question 21

What is SoC in regards to embedded system?

Answer 21

SoC = System-on-Chip

a processor that integrates the platform functionality of multiple logical controllers onto a single chip. It is power efficient and used with embedded systems.

Question 22

What is RTOS in regards to embedded system?

Answer 22

RTOS = Real-Time Operating System

a type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks. It is a real-time operating system.

(ex: open or shut value controller inside a nuclear plant which cannot afford downtime.)

Embedded systems typically cannot tolerate reboots or crashes and must have response times that are predictable to within microsecond tolerance

Question 23

What is FPGA in regards to embedded system?

Answer 23

FPGA = Field Programmable Gate Array

a processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture.

(ex: grass sprinkler controller where customer programs the timing when the sprinkler should go on and off)

End customer can configure the programming logic to run a specific application instead of using an ASIC (application-specific integrated circuit)

Question 24

What is Operational Technology (OT)

Answer 24

a communications network designed to implement an industrial control system rather than data networking. It is about things that’s using technology and computers to be able to do things in the physical world, like open or shut a value, like do manufacturing

Industrial systems prioritize availability and integrity over confidentiality

Question 25

What is Industrial Control Systems (ICS) ?

Answer 25

a network that manages embedded devices. Electrical power stations, water suppliers, health services, telecommunications, manufacturing, and defense all use ICS (Industrial Control Systems).

Question 26

What is Fieldbus ?

Answer 26

It is a digital serial data communications used in operational technology networks to link PLCs (Programmable Logic Controller). ICS (Industrial Control Systems) uses Fieldbus

ICS manages the process automation by linking together PCs using a fieldbus to make changes in the physical world.

Question 27

What is Human Machine Interface (HMI)?

Answer 27

Input and output controls on a PLC (Programmable Logic Controller) to allow a user to configure and monitor the system.

Question 28

What is Data Historian?

Answer 28

software that aggregates and catalogs data from multiple sources within an industrial control system.

Question 29

What is SCADA ?

Answer 29

SCADA = Supervisory Control and Data Acquisition

a type of industrial control system that manages large-scale, multiple-site devices and equipment spread over a geographic region

ICS is a one plant, SCADA is a multiple plant

SCADA typically run as software on ordinary computers to gather data from and manage plant devices and equipment with embedded PLCs (Programmable Logic Controller)

Question 30

What is Modbus?

Answer 30

a communication protocol used in operational technology networks. It gives control servers and SCADA hosts the ability to query and change the configuration of each PLC

Question 31

What are the 4 key controls for mitigating vulnerabilities in specialized systems like ICS and SCADA ?

Answer 31

1. Establish administrative control over Operational Technology networks by recruiting staff with relevant expertise.
2. Implement the minimum network links by disabling unnecessary links, services, and protocols.
3. Develop and test a patch management program for Operational Technology networks.
4. Perform regular audits and logical and physical access to systems to detect possible vulnerabilities and intrusions.

Warning: Enumeration tools and vulnerability scanners can cause problems on Operational Technology Network

Question 32

What is Premise System ?

Answer 32

systems used for building automation and physical access security.

(Ex: badge in key and security cameras)

They use different type of network. Often times, you’ll have this as a third network in your organization.

Many system designs allow the monitoring to be accessible from the corporate data network or even directly from the Internet.

Question 33

What is Building Automation System (BAS) ?

Answer 33

components and protocols that facilitate the centralized configuration and monitoring of mechanical and electrical systems within offices and data center

Question 34

What are the possible vulnerabilities with Building Automation System (BAS) ?

Answer 34

● Process and memory vulnerabilities in PLC
● Plaintext credentials or keys in application code
● Code injection via web user interface
● Denial of service conditions could be caused by affecting building automation systems like HVAC.
● PLCs are not secured.

Question 35

What is Physical Access Control System (PACS) ?

Answer 35

Components and protocols that facilitate the centralized configuration and monitoring of security mechanisms withing offices and data centers. It can either be implemented as part of a building automation system or a separate system.

Warning : PACS are often installed and maintained by an external supplier and are therefore omitted from risk and vulnerability assessments by analysts.