Chapter 10 - Physical (Environmental) Security Flashcards
The primary function of a physical protection system is: A. determine, direct and dispatch B. detection, delay and response C. display, develop, initiate, and apprehend
B. detection, delay and response
To successful complete a vulnerability assessment, it is critical that protection systems are well understood through: A. threat definition, target identification, and facility characterization B. threat definition, conflict control, and facility characterization C. risk assessment, threat identification, and incident review D. threat identification, vulnerability appraisal and access review
A. threat definition, target identification, and facility characterization
Laminated glass is recommended for what type of locations: A. All exterior glass windows B. Interior boundary penetration and critical infrastructure facility C. Street-level windows, doorways and other access areas D. Capacitance proximity, intrusion detection locations and boundary penetration sites
C. street level windows, doorways and other access areas
The strategy of forming layers of protection around an asset or facility is known as: A. Secured perimeter B. Defense in Depth C. Reinforced Barrier Deterrent D. Reasonable Asset protection
B. defense in depth
What crime reduction technique BEST creates a physical environment that positively influences human behavior? A. Asset protection and vulnerability assessments B. Reducing vulnerability by protecting, offsetting or transferring the risk C. Crime prevention through environmental design D. Instituting employee screening and workplace violence programs
C.crime prevention through environmental design
The key to a successful physical protection system is the integration of: A. people, procedures, and equipment B. technology, risk assessment, and human interaction C. protecting, offsetting, and transferring risk D. detection, deterrence, and response
A. people, procedures, and equipment
What is the primary objective of controlling entry into a facility or area? A. provide time management controls for all employees B. ensure that only authorized persons are allowed to enter C. Keep potential hazards and contraband material our that could be used to commit sabotage D. Identification purposes
B. ensure that only authorized personnel allowed to enter
For safety considerations in perimeter areas such as parking lots or garages what is the advised lighting? A. 3fc B. 5 fc C. 7 fc D. 10 fc
B. 5 fc
What would be the most appropriate interior sensor used for a building that has windows along the ground floor? A. infrared glass-break sensor B. ultrasonic glass-break sensors C. acoustic/shock glass-break sensors D. volumetric sensors
C. acoustic/shock glass-break sensors
Which of the following BEST describe three separate functions of CCTV? A. surveillance, deterrence, and evidentiary archives B. intrusion detection, detainment and response C. optical scanning, infrared beaming, and lighting D. monitoring, white balancing and inspection
A. surveillance, deterrence, and evidentiary archives
Although security technologies are not the answer to all organizational security problem, if applied appropriately what will they provide? A. the ability to reduce electrical costs B. they can enhance the security envelope and in the majority of cases will save the organization money C. government tax incentives for increased physical protection systems D. increased capital value of property with high-tech integrated technologies
B. they can enhance security envelope and in the majority of cases will save the organization money
A meaningful assessment of a facility or building should be used: A. to determine where all the fire exits are located B. within the context of the defined threats and the value of the organizations assets C. to count the number of employees within the facility D. to determine the structural strength of the perimeter walls
B. within the context of defined threats value of organization’s assets
The BEST example of building a new facility for security is: A. limiting the number of entrances to the site that must be monitored, staffed and protected B. reducing the cost associated with energy needs in providing physical protection system C. giving employees easy access to the facility without their knowledge of the security components used in monitoring their activities D. blast reinforcement film on perimeter windows
A. limiting the number of entrances to the site that must be monitored, staff, and protected
All visitor’s entering the facility sign in and out on a visitor’s log, this is established for what reason? A. for the purpose of detection, accountability, and the necessity for response B. access control and surveillance C. timeframe of the visit, who was visited, and in the case of an emergency have accountability of everyone for safety purposes D. for planning assessment and the requirement of proper designation
C. timeframe of the visit, who was visited, and in the case of an emergency have accountability of everyone
What is the BEST means of protecting physical devices associated with the alarm system? A. Tamper protection B. Target hardening C. Security Design D. UL 250
A. tamper protections
When using a piece of portable computing equipment or media, regardless if it is being used inside the facility or is being removed for legitimate business outside of the facility, simple protection methods need to be employed in order to maintain the security of the equipment. These BEST consist of: A. cable locks, encryption, password protection and increased awareness B. reducing vulnerability by protecting, offsetting or transferring the risk C. operational readiness, physical protection systems, standard operating processes D. increase awareness, environmental, design and physical security
A. cable locks, encryption, password protection, and increased awareness
Personal identity verification systems which use hand or fingerprint, handwriting, eye patter, voice, face, or any other physical characteristics for authentication are: A. biometric devices B. Technological systems C. Physiometric devices D. Physical analysis devices
A. biometric devices
Physical security is applied by using ____ of physical protective measures to prevent or minimize theft, unauthorized access, or destruction of property A. Layers B. Methods C. Varieties D. Types
A. layers of physical protection methods
What is a comprehensive overview of a facility to include physical security controls, policy, procedures and employee safety? A. Availability assessment B. Security survey C. Budgetary and financial performance D. defense in depth
B. Security Survey
Which security control is most effective in curtailing and preventing “piggybacking” or tailgating as a means of unauthorized access? A. Cameras B. Turnstiles C. Keys D. Identification badges
B. turnstiles
Design Phase of a site
Security professional should review all aspects of construction: land use, site planning, stand-off distance, controlled access zones, entry control and vehicular access, signage, parking, loading docks and service access, security lighting, and site utilities
Security Assessment
Also known as security survey, a vulnerability assessment, or a risk analysis. Comprehnsive review of the facility including physical security controls, policy, procedures, and employee safety
Security objectives
threat definition, target identification, and facility characteristics
What is the threat?
Is it vandals, hackers, terrorists, internal employees, corporate spies of a combination
Target Identification
What is the most vaulable asset that needs to be protected - prudent to prioritize and state impact and consequence of loss
American Institute of Architects - key security concerns
Perform onsite interview and the following assessment: 1. Facility Security Control during and after hours of operation 2. Personel and contract security policies and procedures 3. Personnel screening 4. Site and building access control 5. Video surveillannce, assessment, and archiving 6. Natural surveillance opportunities 7. Protocols for responding to internal and external security incidents 8. Degree of integration of security and other building systems 9. Shipping and receiving security 10. Property identification and tracking 11. Proprietary information security 12. Computer Netweork Security 13. Workplace violence prevention 14. Mail screening operations, procedures and recommendations 15. Parking lot and site security 16. Data center security 17. COmmunications security 18. Executive protection 19. Business continuity planning and evacuation procedures
Vulnerability Assessment
done within the context of the defined threats and the value of the organization’s assets.
Most important goal in planning a site
Protection of life, property, and operations
Site design
Integrate security and function to achieve a balance. Maximize efficiency while minimizing conflicts
Crime Prevention through Environmental Design (CPTED)
Crime reduction technique with severla key elements applicable to the the analysis of the building function and site design against physical attack. Use one entrance for visitors. CCTV best deter crimes in facilities such as parking lots where there is a single exit. WIndows should not be palce adjacent to doors. Use laminated glass with window guards. Ground level windows should not be able to be open and should have bars and alarm systems. Magnetic switch alarms are available - windows up to the 4th floor should have this protection. Alson consider steel window frames. Tempered glass for entrance doors and adjacent panels - resist breakage. Wired glass - resistance to blunt objects. Laminated glass - two sheets of ordinary glass bonded to a middle layer of resistant plastic. Acoustic and shockwave sensors together is most effective
New Zealand Ministry of Justice’s The Seven Qualities for Well Designed, Safer Places
Avoid using elements that create a poor image or a fortress like appearance. Integrate security features intrinsically, unobtrusively.
Garages
Threats - crime and vehicles hitting pedestrians. Use CCTV. Lighting 10-12 foot candles over parked cars and 15 to 20 foot-candles in walking and driving aisles. Exterior lights - 12 feet above ground and point downward and paint walls white to reflect light. And lights should be strategically placed to reduce dark corenrs where criminals or attackers could hide. elevators and walups should be in a lobby outside of a controlled space.
Infrared
Can not be seen by human eye, covert surveillance
Primary function of Access Control System (ACS)
Ensure that only authorized personnel are permitted inside the controlled area. Goal is to limit the opportunity for a crime to be committed.
Magnetic strip cards
Are easily duplicated
Proximity cards
Use embedded antenna wire connected to a chip within the card
Smart Cards
Credential cards with a microchip embedded in them. Can provide PIV - Personal Identity Verification
CCTV
Provides immediate output, can be used for surveillance, assessment, deterrence, evidentiary archives
3o frames per second
higher than what is needed for evidentiary and investigative purposes
MPEG - Moving Picture Experts Group
most common compression algorithm - ration 10 to 100
DVRs
Typically have 8 or 16 port versions - equals number of cameras that can be used
Balanced Magnetic Switch - BMS
Uses a magnetic field to determine if an alarm signal is initiated - not susceptible to external magnetic fields, used on doors and windows
Motion activated cameras
sends an alarm when intruder enters field of view
Acoustic sensors
activated when building is secured and unoccupied
Infrared linear beam sensors
a focused infrared red light beam is projected from an emitter and bounced off a reflector that is placed at the other side of the detection area
Passive Infrared Sensors
most common - no beam is why it is called passive - picks up heat signatures - motion detector will not detect person standing still, also used a automatic request to exit locked doors
Dual technology sensors
helps lower false alarm rates - integrated, redundant devices must react at the same time to cause an alarm
Anti - passback
card reader is utilized on both entry and exit
rim lock
associated with a dead bolt type of lock
mortise lock
lock or latch that is recessed
locking cylinders
pin tumbler contained within plug
cipher lock
typically 5 to 10 digits
false rejection
failure to recognize a legitimate user
false acceptance
erroneous recognition - accepting an imposter
hand geometry
tends to give high false accept rates
iris scanning
most accurate and secure, people timid about having eyes scanned, throughput is 2 seconds
retinal scanning
blood vessels back of the eye - takes 10 seconds - typically used in high end security application
vascular patterns
ultimate palm reader - difficult to forge, contact-less, many and varied uses, capable of 1:1 and 1:many matches
MTBF - Mean time before failure
latent damage of equipment - weakened by stress
