Chapter 10 - Physical Security Requirements Flashcards
- What is the first line of defence?
Physical controls are your first line of defence, and people are your last.
- What is a secure facility plan:
A secure facility plan outlines the security needs of an organisation and emphasizes the methods or mechanisms to employ to provide security. Such a plan is developed through a process of Critical Path Analysis.
- What is Critical Path Analysis?
Critical Path Analysis is a systemic effort to identify relationships between mission critical applications, processes and operations and all the supporting elements.
- List some physical security controls:
administrative, technical and physical
- The functional order in which controls should be used is:
1. Deterrence 2. Denial 3. Detection 4. Delay
- What is a Service Level Agreement:
A Service Level Agreement defines the response time a vendor will provide in the event of an equipment failure emergency.
- Explain MTTF:
Mean Time to Failure (MTTF) is the expected typical functional lifetime of a device given a specific operating environment.
- Explain MTTR:
Mean Time to Repair (MTTR) is the average length of time required to perform a repair on the device.
- What is MTBF:
Mean Time Between Failures is an estimation of time between the first and any subsequent failures. If the MTTF and MTBF values are the same or fairly similar, manufacturers often only list the MTTF to represent both values.
- What are modern wiring closets:
A modern wiring closet is where networking cables for the whole building or just one floor are connected to other essential equipment, such as patch panels, switches, routers, local area network (LAN) extenders, and backbone channels.
- Explain wiring closet security:
For wiring closet security, the most important aspect is physical security; there should be no unauthorised access.
- What is a cable plant:
A cable plant is the collection of interconnected cables and intermediary devices that establish a physical network.
- List the elements of a cable plant:
cable plant is the collection of interconnected cables and intermediary devices that establish a physical network
- What is the entrance facility:
This is known as the demarcation point. It is the entrance to the building where the cable from the provider connects to the internal cable plant.
- What is the equipment room:
this is the main wiring for the building, often connected to or adjacent to the entrance facility
- What is the backbone distribution system?
this provides wired connections between the equipment room and the telecommunications rooms, including the cross floor connections
- What is the telecommunications room:
also known as the wiring closet, serves the connection needs of a floor or a section of a large building by providing space for networking equipment and cabling system
- What is the horizontal distribution system:
this provides the connection between the telecommunication room and work areas, often including cabling, cross-connection blocks, patch panels and supporting hardware infrastructure.
- What are server rooms or data centers
Server rooms, data centers, communications rooms, wiring closets, server vaults, and IT closets are enclosed, restricted, and protected rooms where your mission-critical servers and network devices are housed. Centralized server rooms need not be human compatible. Server rooms should be located at the core of the building. CCTV monitoring on the door and motion detectors inside the space can also help maintain proper attention to who is coming and going.
- Explain Datacenters
a datacenter is an external location used to house the bulk of backend computer servers, data storage equipment and network management equipment.
- What are smart cards
smart cards are credit card sized IDs, badges or security passes with an embedded magnetic strip, bar code or integrated circuit chip. They contain information about the authorized bearer that can be used for identification and/or authentication purposes. Some smartcards can even process information or store reasonable amounts of data in a memory chip.
- A smartcard can be known by several phrases or terms:
identity token, processor IC Card, IC Card with ISO 7816
- List some known smartcard attacks:
physical attacks, logical attacks, trojan horse attacks and social engineering attacks.
- Common multifactor used with smartcards:
PIN
- What are memory cards:
Memory cards are machine-readable ID cards with a magnetic strip, e.g. credit cards or debit cards. Memory cards can retain small amounts of data. They function with two-factor control.
- What are proximity readers?
They are used to control physical access. A proximity reader can be a passive device, a field-powered device or transponder. A transponder device is self-powered and transmits a signal received by the reader. This can occur consistently or only at the press of a button (like a garage door opener or car alarm key fob).
- What are Intrusion Detection systems (IDSs):
Intrusion detection systems (IDSs) are systems—automated or manual—designed to detect an attempted intrusion, breach, or attack; the use of an unauthorized entry/point; or the occurrence of some specific event at an unauthorized or abnormal time.
- What is masquerading?
Masquerading is using someone else’s security ID to gain access to a facility.
- What is piggybacking?
Piggybacking is following someone through a secured gate or doorway without being identified or authorised personally.
- How can you detect access abuses?
Access abuses can be detected by using audit trails or retaining access logs, or with closed circuit television (CCTV) or security cameras.
- What is emanation security:
Emanation security involves protecting electrical devices that emanate electrical signals. The type of countermeasures and safeguards to protect against emanation attacks are known as TEMPEST countermeasures.
- List some TEMPEST countermeasures:
Faraday cage, white noise, and control zones
- What is Faraday Cage:
This is a TEMPEST countermeasure. A Faraday cage is a box, mobile room or entire building designed with an external metal skin, often wire mesh, that fully surrounds an area on all sides. This metal skin acts as an electromagnetic interference (EMI) absorbing capacitor.
- What is white noise?
This is a TEMPEST countermeasure. White noise means broadcasting false traffic at all times to mask or hide the presence of real emanations.
- What is control zone?
This is a TEMPEST countermeasure. A control zone is simply the implementation of either a Faraday cage or white noise generation or both to protect a specific area in an environment; the rest of the environment is not affected.
- What are data remnants?
Data remnants are data remaining on a storage device after a standard deletion or formatting process.
- What is zeroization?
Zeroization is the procedure that erases data by replacing it with meaningless data such as zeroes to remove all data remnants.
- What is evidence storage:
As cybercrime increases, it is important to retain audit logs, audit trails and other digital events. It may also be necessary to retain image copies of drives or snapshots of virtual machines for future comparison.
- Explain restricted and work area security
There should not be equal access to all locations within a facility. Valuable and confidential assets should be located in the heart or centre of protection provided by a facility, e.g. a Sensitive Compartmented Information Facility (SCIF).
- What is shoulder surfing?
Shoulder surfing is the act of gathering information from a system by observing the monitor or the use of keyboard by the operator.
- What is SCIF?
A Sensitive Compartmented Information Facility (SCIF) is often used by government and military contractors to provide a secure environment for highly sensitive data storage and computation. It can be a permanent installation or
- What is the purpose of a SCIF?
Sensitive Compartmented Information Facilities are used to store, view and update sensitive compartmented information (SCI).
- What is power fault?
Fault is a momentary loss of power.
- What is power blackout?
Power blackout is a complete loss of power.
- What is power sag?
Power sag is momentary low voltage.
- What is Power Brownout?
Power blackout is a complete loss of power
- What is power spike:
Power spike is momentary high voltage.
- What is power surge:
Power surge is prolonged high voltage.
- What is power inrush?
Power inrush is an initial surge of power usually associated with connecting to a power source, whether primary, alternate or secondary.