Chapter 11: Electronic Security Systems Flashcards
What are the components of a full-featured access control system?
A credential reader, communication cabling, distributed processor, central database, software, supplementary interfaces to external systems and applications for request to exit devices.
What is personnel access control?
the portion of an access control system used to authorize entry and to verify the authorization of personnel seeking entry to a controlled area.
What is single factor authentification?
When one identification is required for access authorization.
What is dual factor authorization?
When two forms of identification are required for access authorization.
What is it called when three forms of identification are required for access authorization?
Three factor Authorization.
What are some ways to defeat access control points?
- Deceit
- Direct Physical Attack
- Technical Attack
How can an adversary use deceit to defeat an access control point?
By using false pretenses to convince security personnel or an employee to permit entry.
What are some way that an adversary can use direct physical attack to defeat an access control point?
Through force and the use of tools.
How can an adversary defeat an access control point by using a technical attack?
forging a credential or guessing or obtaining pass codes or pins.
What types of measures are used to determine who is allowed access to a facility and who to deny?
- credentials or other items in a person’s possession (such as metal key; a proximity device, chip embedded insertion card, magnetic stripe card; or a photo identification card
- private information known by the individual (password or pin)
- biometric features of the person. (fingerprint, hand geometry, iris and retinal patterns, signature, or speech patterns) this provides the highest levels of security.
What is a comprehensive access control system designed to do?
- Permit only authorized personnel and vehicles to enter and exit.
- Provide ability to audit compliance with access control policies.
- Detect and prevent the entry of contraband material.
- Detect and prevent the unauthorized removal of assets.
- Provide information to ensure the timely assessment and response to events categorized as exceptions or alarms conditions.
What is a PIN numer?
a Personal Identification Number
What are some weaknesses associated with the use of pin numbers?
- An individual could pass the PIN and credential to an unauthorized individual
- The PIN could be observed surreptitiously by an adversary (Shoulder Surfing)
- The PIN could be obtained by coercion.
How many possible PIN combinations are there in a four digit PIN?
10,000
What are some examples of the types of credentials used in access control?
- photo identification badges
- exchange badges
- stored-image badges
- coded credentials
What types of credentials require a high degree of vigilance from security?
- photo identification badges
- exchange badges
- stored-image badges
What are some weaknesses of a photo identification badge?
- a false photo identification badge can be made
- the individual can make up his or her face to match the face on a stolen badge.
- Guard inattentiveness
What is an exchange badge sytem?
a system that requires matching badges be held at each access point. When an employee presents a badge and requests entry, a guard compares the individual to the one on the corresponding exchange badge held at the access point.
What is a positive aspect of the exchange badge system?
The actual credential, with access, is never allowed to leave the facility.
What is a negative of the exchange badge system?
Someone can make up their face to match the face on the credential.
What is a stored image badge?
This is a system that requires a guard to verify an individual’s identity based on visual characteristics of a stored image.
What is a stored image badge system susceptible to?
The use of makeup as a disguise,
What are the most common techniques for coding a badge?
- Magnetic Stripe
- Wiegand Wire
- bar codes
- proximity
- smart cards.
Where is magnetic stripe encoding typically used?
In credit and debit card systems
How does Magnetic Stripe Encoding work?
A strip of magnetic material is located along edge of the badge and is encoded with data.
How is the data on a magnetic strip encoding read?
It is read when the magnetic strip is moved through or inserted into a magnetic reader.
WHat is coercivity?
The measure of the resistance of a magnetic material to changes in the stored information when exposed to magnetic field.
What is the unit of magnetic intensity used to describe the coercivity?
The Oersted.
What are the two types of oersted used in cards?
300 oersted- used in credit cards
2,500 to 4,000 oersted- used in security credential applications.
Which oersted magnetic strip is unlikely to get accidently erased?
The 2,500 to 4,000 oersted.
True or False. Credential Forgery is relatively easy to use on magnetic strips?
True
Is the Wiegand Wire Technology still in use?
No.
IS the Wiegand Data Protocol still in common use?
Yes.
What is the Open Supervised Device Protocol (OSDP)?
The OSDP is an access control communication protocol that improves interoperability among access control and security products.
When was the OSDP standard adopeted.
In 2020 it was adopted by the Security Industry Association (SIA) after it became the international IEC standard.
What is a proximity badge?
A card whose information can be read without the badge being physically placed into a reader device.
What is the major weakness of proximity cards?
- An attacker with an RFID tool can intercept, read, and copy the proximity cards that are not as secure.
- readers with compromised firmware allow attacker to compromise what information is stored in the reader.
What are the frequency ranges are proximality cards?
125 kHz for low-frequency badges
2.5 MHz to over 1 GHz for high frequency badges.
What are the types of smart cards?
- contact
- contactless (RF)
How do contactless smart cards communicate?
Through RF
What is the memory size of most smart cards?
8 kb to 64 kb
What does NFC stand for ?
Near Filed Communications
What is the most widely used method of controlling physical access?
locks.
Locks can be divided into what two general classes?
- those that operate on purely mechanical principles
- those that combine electrical energy with mechanical operations and are commonly associated with automated access control systems.
What are the two major components of a mechanical lock?
the coded mechanism and the fastening device.
What is the coded mechanism in a mechanical lock?
a key cylinder in a key lock or a wheel pack in a mechanical combination lock.
What is the fastening device in a mechanical lock?
a latch or bolt assembly.
How does a latch react when the door closes?
It automatically retracts.
How does a bolt react?
A bolt stays in the same position unless it is intentionally moved.
Which is more secure, a latch or a bolt?
Bolt.
How can you make a bolt more secure?
ensure that it extends beyond the door edge at least one inch.
What are the functional assemblies of components of a mechanical lock?
- the bolt or latch that actually holds the movable part (door, window, etc.) to the immovable part (jamb, frame, etc.)
- the keeper or strike into which the bolt or latch fits (not an integral part of the lock mechanism but a secure housing for the bolt when in a locked position.
- The tumbler array, which is the barrier or labyrinth that must be passed to move the bolt.
- The key or unlocking device, which is specifically designed to pass the barrier and operate the bolt.
What are the primary types of mechanical locks?
- Warded Locks
- Lever Locks
- Pin Tumbler Locks
What is a warded lock?
The mechanical lock longest in use. It features an open, see-through keyway and the long, barrel-like key
Where are Warded locks typically found?
older homes, farm buildings, and older inns.
What is the greatest weakness of Warded Locks?
Its vulnerability to spring manipulation by any key that is not stopped by the wards and corrosion due to weathering and age.
True or False. A well planned, modern locking program can include Warded Locks.
False.
If Warded locks are present, what should you do?
Plan for phased replacement or augmentation with other locks.
Describe a lever lock.
A lock that features levers that are flat pieces of metal held to a common pivot and retained in place inside the lock case by the tension of the spring wire.
Where are Lever Locks used today?
Desks, Cabinets, locker, bank safe deposit boxes, and U.S. Mailboxes.
What is a weakness of Lever Locks.
It is inherently susceptible to picking.
When was the pin tumbler lock developed and by who?
Linus Yale in the 19th century.
What is the most widely used lock in the United States?
The pin tumbler lock.
Where are pin tumbler locks typically used?
exterior and interior building doors.
What is the principle of master keying?
a single lock may be operated by more than one key by designing various keys to engage or work on different tumblers or different aspects of the same tumblers.
What are the major security difficulties with master keying?
- master key accountability must be maintained.
- Additional positions or possibilities are presented for surreptitiously unlocking
- increased maintenance.
What are the security vulnerabilites of mechanical locks?
- attack by force.
- Surreptitious attack
- attack by impression-making and “try keys”
What is Attack by Force in relation to locks?
separating the door or movable element from the jamb or immovable element; removing the lock from its housing and exposing the bolt to manual manipulation; or snapping pin tumblers to turn the plug freely.
What is an example of a surreptitious attack in relation to locks?
picking, raking, bumping, or mechanical manipulation due to engineering flaws or vulnerabilities with various specialty locksmith tools.
What is an example of an attack by impression-making and “try keys”?
by inserting a key blank that has been designed for a particular keyway into the lock before any biting cuts have been made, it may be possible, by applying turning pressure, to make faint marks on the key blank. “Try keys” or “jingle keys” are key blanks that are correctly milled to fit the particular keyway and that contain random biting. Insertion in the keyway and combined turning and raking movements may cause the lock to open.
What do electrified locks allow?
doors to be locked and unlocked by a remote device.
What is a fail safe lock?
A lock that will unlock when the power goes out.
What is a fail secure lock?
a lock that will stay locked when the power goes out.
What are the primary types of electrified looking mechanisms?
- Electric Deadbolt
- Electric Latch
- Electric Strike
- Electric Lock Set
- Exit Device
- Electromagnetic Lock
How does an electric deadbolt work?
A solenoid (electromagnet) moves a deadbolt, typically mounted on a doorframe, wither into or out of a strike plate on a door.
Should an electric deadbolt be used on a door that automatically unlocks during a fire?
No.
Why shouldn’t an electric deadbolt be used on a door that needs to open during a fire?
People can push on the door, causing tension on the deadbolt which could cause it not to unlock.
What is another name for an exit device?
panic bar or crash bar
What does Homeland Security Presidential Directive 12 (HSPD12) require?
Directs the entire Federal Government and all contract agencies to use a single, high security credential.
What is UL 294, 7th Edition?
The UL standard for access control system units and is used to evaluate the construction, performance, and operation of access control systems.
What year was the International Building Code adopted?
2000
What is the IBC?
International Building Code
Who publishes the IBC?
The International Code Council
What is the acronym for the International Code Council?
The ICC
Where is the IBC primarily used?
The United States
What other plan is used in the US where the IBC is not used?
The NFPA 101 life safety code.
What does NFPA stand for?
The National Fire Protection Association.
What does ADA stand for?
The Americans with Disabilities Act of 1990
In what areas, does ADA affect physical security?
Access Control and Lifer Safety Systems.
In regard to the ADA what is the area of greatest concern and compliance concerning installations?
The ability to exit the structure.
What are some methods of Contraband Detection?
- Metal Detectors.
- Package Search
- Explosives Detection
- Chemical and Biological Agent Detection
What type of system detects metal
Magnetometer
What is a magnetometer?
A passive device that monitors the earth’s magnetic field and detects changes to that field caused by the presence of ferromagnetic materials.
What are ferromagnetic materials?
Metals that are attracted to a magnet.
What types of metals does a magnetometer not detect?
copper, aluminum, and zinc.
What are metal detectors used for?
To screen entrants to an area to mitigate against firearms and other weapons.
What is a major disadvantage of small handheld metal detectors?
They require active guard participation in the screening process and the time required for a search
What is one way to counter the intrusiveness of the handheld metal detector?
Provide same sex screeners.
Explosive Detection Technologies are divided into what two types of methods?
Bulk and Trace Methods
What is the bulk method of explosive detection targeting?
macroscopic detonable amounts of explosives.
What is the trace method of explosive detection targeting?
particle and vapors residues associated with handling explosives.
Which method of explosive detection allows for automated detection?
Bulk
What is computed tomography (CT) used to detect?
Small threat masses.
What can a CT scanner detect?
The materials mass, density, and mass absorption coefficient.
What is a disadvantage of CT scanner?
Higher nuisance alarms (up to 20%)
What are high energy x ray devices used for?
Vehicle screening
What type of trace explosive detection samples the molecules in the air that have been exposed to radiactive Ni-63 source and chloide dopant?
Ion Mobility Spectrometer (IMS)
What type of explosive typically forms negative ions in an IMS system?
High explosives
What types of explosives typically form positive ions in an IMS system?
Triacetonetriperoxide (TATP)
What Trace Explosive Detection method uses photochemical detection?
Chemiluminescence Detector
What method of explosion detection is widely used by military and law enforcement
Canine Olfaction
How are chemical and biological agent detection typically performed?
Using point sensors at the site perimeter.
What types of systems do Intrusion Detection Systems include?
exterior and interior intrusion sensors, video alarm assessment, access control, and alarm communication systems working in combination,
What is intrusion detection?
The process of detecting a person or vehicle attempting to gain unauthorized entry into an area.
What are the three main characteristics of intrusion sensor performance?
Probability of detection (PD), nuisance alarm rate, and vulnerability to defeat.
What does the probability of detection depend on in regards to intrusion detection?
target to be detected, sensor hardware design, installation conditions, sensitivity adjustment, weather conditions, conditions of the equipment.
UL 681 requires intrusion detection after how many steps?
Three
What are three ways to defeat a security system?
- Bypass- going around a sensor detection volume
2.Adversary Path Exploitation- using speed and direction to bypass the sensor. - spoof-any technique that allows a target to pass through the sensor’s normal detection zone without generating an alarm.
What are some examples of the types of sensors?
- Intrusion Sensors- occurrence of a potential intrusion event.
- State Sensors- a change in a safety or process condition being monitored (rise in temp., presence of smoke)
- Fault Event Sensors- Loss of Electrical power, failure of the device itself.
- Tamper Sensors- openings, shorting, or grounding of the device circuitry; tampering with the sensors; or changes in impedance on a circuit enclosure or distributed control panels (transponders)
What does a volumetric sensor do?
Generates an alarm when an intruder enters the detection volume.
What does a line sensor do?
Generates an alarm if motion is detected along a a line such as a fence.
What is a fence disturbance sensor?
A passive, visible, terrain- following sensor that is usually installed on chain link fences. They can detect motion or shock, aiming to detect an intruder who climbs on or cuts through the fence material.
What are some examples of nuisance alarms on a fence disturbance sensor?
Wind, debris blown by wind, rain driven by wind, hail, and seismic activity from nearby traffic and machinery.
What are two ways to defeat a fence disturbance sensor?
tunneling under the fence or crossing above the fence without touching it.
How can you deter digging under a chain link fence?
place concrete under the fence or put the bottom edge of the fence fabric in concrete.
