Chapter 10 - Physical Security Requirements Flashcards
- What is the first line of defence?
Physical controls are your first line of defence, and people are your last.
- What is a secure facility plan:
A secure facility plan outlines the security needs of an organisation and emphasizes the methods or mechanisms to employ to provide security. Such a plan is developed through a process of Critical Path Analysis.
- What is Critical Path Analysis
Critical Path Analysis is a systemic effort to identify relationships between mission critical applications, processes and operations and all the supporting elements.
- List some physical security controls:
administrative, technical and physical
- The functional order in which controls should be used is:
1. Deterrence 2. Denial 3. Detection 4. Delay
- What is Service Level Agreement:
Service Level Agreement defines the response time a vendor will provide in the event of an equipment failure emergency.
- Explain MTTF:
Mean Time to Failure (MTTF) is the expected typical functional lifetime of a device given a specific operating environment.
- Explain MTTR:
Mean Time to Repair (MTTR) is the average length of time required to perform a repair on the device
- What is MTBF:
Mean Time Between Failures (MTBF) is an estimation of the time between the first and any subsequent failures. If the MTTF and MTBF values are the same or fairly similar, manufacturers often only list the MTTF to represent both values.
- What are modern wiring closets:
a modern wiring closet is where networking cables for the whole building or just one floor are connected to other essential equipment, such as patch panels, switches, routers, local area network (LAN) extenders, and backbone channels
- Explain wiring closet security:
For wiring closet security, the most important aspect is physical security; there should be no unauthorised access.
- What is a cable plant:
A cable plant is the collection of interconnected cables and intermediary devices that establish a physical network.
- List the elements of a cable plant:
cable plant is the collection of interconnected cables and intermediary devices that establish a physical network
- What is entrance facility:
Also known as the demarcation point, this is the entrance to the building where the cable from the provider connects to the internal cable plant.
- What is the equipment room:
this is the main wiring for the building, often connected to or adjacent to the entrance facility
- What is backbone distribution system
this provides wired connections between the equipment room and the telecommunications rooms, including the cross floor connections
- What is the telecommunications room:
also known as the wiring closet, serves the connection needs of a floor or a section of a large building by providing space for networking equipment and cabling system
- What is horizontal distribution systems:
this provides the connection between the telecommunication room and work areas, often including cabling, cross-connection blocks, patch panels and supporting hardware infrastructure.
- What are server rooms or data centers
Server rooms, data centers, communications rooms, wiring closets, server vaults, and IT closets are enclosed, restricted, and protected rooms where your mission-critical servers and network devices are housed. Centralized server rooms need not be human compatible. Server rooms should be located at the core of the building. CCTV monitoring on the door and motion detectors inside the space can also help maintain proper attention to who is coming and going.
- Explain Datacenters
a datacenter is an external location used to house the bulk of backend computer servers, data storage equipment and network management equipment.
- What are smart cards
smart cards are credit card sized IDs, badges or security passes with an embedded magnetic strip, bar code or integrated circuit chip. They contain information about the authorized bearer that can be used for identification and/or authentication purposes. Some smartcards can even process information or store reasonable amounts of data in a memory chip.
- A smartcard can be known by several phrases or terms:
identity token, processor IC Card, IC Card with ISO 7816
- List some known smartcard attacks:
physical attacks, logical attacks, trojan horse attacks and social engineering attacks.
- Common multifactor used with smartcards:
PIN
- What are memory cards:
Memory cards are machine-readable ID cards with a magnetic strip, e.g. credit cards or debit cards. Memory cards can retain small amounts of data. They function with 2-factor control.
- What are proximity readers?
They are used to control physical access. A proximity reader can be a passive device, a field-powered device or transponder. A transponder device is self-powered and transmits a signal received by the reader. This can occur consistently or only at the press of a button (like a garage door opener or car alarm key fob).
- What are Intrusion Detection systems (IDSs):
Intrusion detection systems (IDSs) are systems—automated or manual—designed to detect an attempted intrusion, breach, or attack; the use of an unauthorized entry/point; or the occurrence of some specific event at an unauthorized or abnormal time.
- What is masquerading?
Masquerading is using someone else’s security ID to gain access to a facility.
- What is piggybacking?
Piggybacking is following someone through a secured gate or doorway without being identified or authorised personally.
- How can you detect access abuses?
Access abuses can be detected by using audit trails or retaining access logs, and by closed circuit television (CCTV) or security cameras.
- What is emanation security:
Emanation Security involves protecting electrical devices that emanate electrical signals. The type of countermeasures and safeguards to protect against emanation attacks are known as TEMPEST countermeasures.
- List some TEMPEST countermeasures:
Faraday cage, white noise, and control zones
- What is Faraday Cage:
This is a TEMPEST countermeasure. A Faraday cage is a box, mobile room or entire building designed with an external metal skin, often wire mesh, that fully surrounds an area on all sides. This metal skin acts as an electromagnetic interference (EMI) absorbing capacitor.
- What is white noise?
This is a TEMPEST countermeasure. White noise means broadcasting false traffic at all times to mask or hide the presence of real emanations.
- What is control zone?
This is a TEMPEST countermeasure. A control zone is simply the implementation of either a Faraday cage or white noise generation or both to protect a specific area in an environment; the rest of the environment is not affected.
- What is data remnants?
Data remnants are the data remaining on a storage device after a standard deletion or formatting process.
- What is zeroization?
Zeroization is the procedure that erases data by replacing it with meaningless data such as zeroes to remove all data remnants
- What is evidence storage:
as cybercrime increases it is important to retain audit logs, audit trails and other digital events. It may also be necessary to retain image copies of drives or snapshots of virtual machines for future comparison
- Explain restricted and work area security
There should not be equal access to all locations within a facility. Valuable and confidential assets should be located in the heart or centre of protection provided by a facility, e.g. a Sensitive Compartmented Information Facility (SCIF).
- What is shoulder surfing?
Shoulder surfing is the act of gathering information from a system by observing the monitor or the use of keyboard by the operator.
- What is SCIF?
Sensitive Compartmented Information Facility (SCIF) is often used by government and military contractors to provide a secure environment for highly sensitive data storage and computation. It can be a permanent installation or
- What is the purpose of SCIF
Sensitive Compartmented Information Facilities is used to store, view and update sensitive compartmented information (SCI).
- What is power fault?
Fault is a momentary loss of power.
- What is power blackout?
Power blackout is a complete loss of power
- What is power sag?
Power sag is momentary low voltage
- What is Power Brownout?
Power blackout is a complete loss of power
- What is power spike:
Power spike is momentary high voltage
- What is power surge
Power surge is prolonged high voltage
- What is power inrush?
Power inrush is an initial surge of power usually associated with connecting to a power source, whether primary, alternate or secondary.
- What is power noise?
Power noise is a steady interfering power disturbance or fluctuation.
- What is transient power?
Transient power is a short duration of noise-interference (line noise disturbance).
- What is clean power?
Clean power is a nonfluctuating pure power
- What is ground?
Ground is a wire in an electrical circuit that is grounded.
- List 2 types of Electromagnetic Interference (EMI):
Common Mode, Traverse Mode
- What is common mode
Common mode noise is generated by a difference in power between the hot and ground wires of a power source or operating electrical equipment, i.e. Common Mode = Hot wires - Ground wires
- What is traverse mode?
Traverse mode noise is generated by a difference in power between the hot and neutral wires of a power source or operating electrical equipment, i.e. Traverse Mode = Hot wires - Neutral wires
- What is radio frequency interference?
Radio Frequency Interference (RFI) is another source of noise and interference that can affect many of the same systems as EMI.
- List some equipment that generates RFI
Radio Frequency Interference can be generated by fluorescent lights, electrical cables, electric space heaters, computers, elevators, monitors and electric magnets.
- What are water detection circuits:
Water detection circuits will sound an alarm and alert you if water is encroaching upon equipment. Water and electricity can cause electrocution.
- Water suppresses ……..:
temperature
- Soda Acid and other dry powders suppress …….:
fuel supply
- CO2 suppresses……..:
Oxygen supply
- Halon substitutes and other non flammable gases interfere with:
chemistry of combustion and or suppress the oxygen supply.
- List the 4 primary stages of fire:
Stage 1: Incipient stage, stage 2: Smoke stage, stage 3: Flame stage, stage 4: Heat stage
- What is the primary stage 1 of fire:
stage 1 of fire is the incipient stage. At this stage there is air ionisation but no smoke.
- What is the primary stage 2 of fire:
in stage 2, smoke is visible from the point of ignition
- What is primary stage 3 of fire:
The flame stage; this is when flame can be seen by the naked eye.
- What is primary stage 4 of fire:
the heat stage, the fire is considerably further down the timescale to the point where there is an intense heat build-up and everything in the area burns.
- Explain fire management;
proper awareness training is one of the basics of fire management. Everyone should know 2 evacuation routes and fire suppression mechanisms within their facility. Staff should know the location and use of fire extinguishers, cardiopulmonary resuscitation (CPR), emergency shutdown procedures, pre-established rendezvous location or safety verification mechanism.
- Explain class A extinguishers:
Class A extinguishers are used on common combustibles and the suppression material is water, soda acid (a dry powder or liquid chemical).
- Explain class B extinguishers:
class B extinguishers are used on liquids. Suppression material is CO2, halon, soda acid. Water cannot be used on this as liquids float on water.
- Explain class C fire extinguishers:
class C is for electrical fires, suppression material is CO2 and halon. Water cannot be used on this as there’s potential for electrocution.
- Explain class D fire extinguishers:
class D extinguishers are for metal and the suppression material is dry powder
- List the types of fire detection systems
fixed temperature detection systems, rate of rise detection systems, flame actuated systems, smoke actuated systems.
- What is fixed temperature detection system:
Fixed temperature detection systems trigger suppression when a specific temperature is reached.
- What is rate of rise detection system?
Rate of rise detection systems trigger suppression when the speed at which the temperature changes reaches a specific level
- What is flame actuated system:
flame actuated systems trigger suppression based on the infrared energy of flames.
- What is smoke actuated system:
smoke actuated systems use photoelectric or radioactive ionisation sensors as triggers.
- What are incipient smoke detection systems
Incipient smoke detection systems, also known as aspirating sensors, are able to detect chemicals typically associated with the early stages of combustion before fire is otherwise detectable via other means.
- List 4 types of water suppression systems
wet pipe system, dry pipe system, deluge system, pre-action system.
- What is wet pipe system:
A wet pipe system is always full of water; water discharges immediately when suppression is triggered. It is also known as a closed head system.
- What is dry pipe system
Dry pipe contains compressed air, once suppression is triggered, the air escapes, opening a water valve that in turn causes the pipes to fill and discharge water into the environment.
- What is deluge
deluge system is a form of dry pipe system that uses large pipes and therefore delivers a significantly larger volume of water. They are inappropriate for environments that contain electronics and computers.
- What is pre-action:
it is a combination of dry pipe and wet pipe system.
- What is gas discharge:
gas discharge is more effective than water discharge systems. They remove oxygen from the air and employ a pressurized gaseous suppression medium e.g., CO2, halon, or FM-200
- What is fence:
Fence is a perimeter defining device.
- What is gate
A gate is a controlled entry and exit point in a fence. Keep the number of gates to a minimum. They can be monitored by guards; when they are not, the use of dogs and CCTV is recommended.
- What is turnstile
A turnstile is a form of gate that prevents more than one person at a time from gaining entry and it often restricts movement in one direction. It can be used to gain entry and not exit and vice versa.
- What is mantrap
mantrap is a double set of doors that is often protected by a guard or some physical layout that prevents piggybacking and can trap individuals at the discretion of security personnel.
- What is the purpose of man trap
Mantrap is used to immobilize a subject until their identity and authentication is verified.
- Explain lighting
Lighting is a form of perimeter control. It is used to discourage casual intruders, trespassers etc. It should not illuminate positions of guards, dogs, patrol posts etc.
- List some deterrent security controls:
fence, lighting, CCTV, guards, dogs
- An alternative to security guards are:
dogs, dogs are good for detection and deterrent measures.
- What is the purpose of locks:
locks are identification and authorisation mechanisms.
- What is shimming?
Shimming is categorised under a class of lock mechanism attacks.
- Electronic Access control locks incorporates 3 elements, list them:
An electromagnet to keep the door closed, a credential reader to authenticate subjects and to disable the electromagnet, and a sensor to reengage the electromagnet when the door is closed.
- Badges can be used for…….. and ……..:
identification and authentication
- How can a badge be used as identification?
This occurs when a badge is swiped.
- How can a badge be used for authentication?
After identification by using the badge the owner may be required to provide password, passphrase or biological trait (biometrics).
- What is motion sensor or detector:
A motion sensor or detector is a device that senses movement or sound in a specific area.
- List some motion detectors:
infrared, heat, wave pattern, capacitance, photoelectric and passive audio
- What are infrared motion detectors:
Infrared motion detectors monitor for significant or meaningful changes in the infrared lighting pattern of a monitored area.
- What are wave pattern motion detectors:
Wave pattern motion detectors transmit a low ultrasonic or high microwave frequency signal into a monitored area and monitor for significant or meaningful changes or disturbances in reflected patterns.
- What is capacitance motion detector:
capacitance motion detector senses changes in electrical or magnetic field surrounding a monitored object.
- What is photoelectric motion detector
A photoelectric motion detector senses changes in visible light levels for the monitored area. They are usually employed in dark rooms with no windows.
- What is passive audio motion detector:
passive audio motion detector listens for abnormal sounds in monitored area.
- How do motion detectors work?
Whenever a motion detector registers a significant or meaningful change in the environment, it triggers an alarm.
- What do alarms trigger:
Alarms trigger a deterrent, a repellent or a notification.
- What is deterrent alarm
deterrent alarms make further intrusion more difficult e.g. engaging additional locks, shut doors etc.
- What are repellant alarms:
repellent alarms are used to discourage intruders or attackers from continuing their malicious or trespassing activities and to force them off the premises.
- What are notification alarms:
notification alarms are silent from the intruder/attacker’s perspective but record data about the incident and notify administrators, security guards and law enforcement.
- What are local alarms:
Local alarms must be audible and can easily be heard 400 feet away. There must be security guards positioned nearby.
- What are central station system:
This alarm is silent locally but offsite monitoring agents are notified so that they can respond to the security breach. Most residential security systems are of this type.
- What is proprietary system
In a proprietary system, the alarm is silent locally, but the organisation has its own onsite security staff waiting to respond to security breaches.
- What are auxiliary stations
Auxiliary alarm systems can be added to local or centralized alarm systems. When the security perimeter is breached, emergency services are notified to respond to the incident and arrive at the location. This could include police, fire and medical services.
- …….. is a secondary verification mechanism to motion detectors:
CCTV.
- CCTV is a …….. measure whereas reviewing recorded events is a …….. measure:
Preventive, Detective
- What is privacy:
privacy means protecting personal information from disclosure to any authorized individual or entity.