Chapter 13: Security

Question 1

Asset

Answer 1

An employee, contractor, or any physical, technological, or intellectual possession.

Question 2

Compartmentalization

Answer 2

The isolation or segregation of assets from threats using architectural design or countermeasures, including physical barriers.

Question 3

Countermeasures

Answer 3

The procedures, technologies, devices, or organisms (dogs, humans) put into place to deter, delay, or detect damage from a threat.

Question 4

Layering

Answer 4

The use of many layers of barriers, other countermeasures, or a mixture of both is used to provide the maximum level of detterance and delay

Question 5

Threats

Answer 5

The agents by which damage, injury, loss, or death can occur; threats are commonly classified as originating from temperature extremes, liquids, gases, projectiles, organisms, movement, or energy anomalies.

Question 6

Vulnerability

Answer 6

A physical, procedural, or technical weakness that creates an opportunity for injury, death, or loss of an asset.

Question 7

What is a data center security plan?

Answer 7

The security plan is a document providing the framework, policies, and procedures to establish security for data center staff, contractors, and visitors along with the ITE, network technology, telecom assets, and the sites and buildings that house them.

Question 8

What should be included in the data center security plan?

Answer 8

• Physical Security
• IT/ cyber security
• Disaster recovery plan
• Emergency operation

Question 9

Give three examples of regulatory and legal documents affecting the operation of the data center.

Answer 9

• Sarbanes-Oxley
• Industry-specific standards
• Federal Information Processing Standards (FIPS)
• Health Insurance Portability and Accountability Acts (HIPAA)
• National Association of Security Dealers Conduct Rules 3010, 3013, and 3110

Question 10

__________ is the isolation or segregation of assets from threats using architectural design or countermeasures, including physical barriers.

Answer 10

Compartmentalization

Question 11

What is CPTED?

Answer 11

The crime-reducing concepts and strategies of Crime Prevention Through Environmental Design (CPTED)

Question 12

What are the three underlying principles of CPTED?

Answer 12

• Natural access control
• Natural surveillance
• Territorial enforcement

Question 13

Regarding CPTED, what is a private space type?

Answer 13

Spaces that are restricted from most pedestrians, including unauthorized employees. Typical private areas might include print rooms, call centers, private manager offices, a bank vault, a surgery site, and the executive floor of an office tower.

Question 14

Identify one way proper lighting may be a security measure.

Answer 14

• It prevents concealment for unauthorized access to the data center site or buildings
• It protects the safety of pedestrians, vehicles, and assets

Question 15

What are the three types of physical access control?

Answer 15

Type 1: What a person has (keys, cards)
Type 2: What a person knows (passwords)
Type 3: What is person is (fingerprints, iris recognition)

Question 16

Give an example of a multifactor authentication to sensitive areas of a data center.

Answer 16

• A two-factor authentication scheme for the computer room where both fingerprint scan and proximity card are required to enter.
• A three-factor authentication scheme for any critical facility area would be a proximity card, fingerprint scan, and entry of a valid work order ticket number for the specific area.

Question 17

What are electrified locksets?

Answer 17

Locksets are locked and unlocked remotely and are commonly layered and integrated with other systems in the electronic access control system.

Question 18

What is a fail-safe lock?

Answer 18

A fail-safe lock is one in which the locking mechanism unlocks under any failure condition.

Question 19

Which strategy should be utilized when attempting to maintain security during normal operation, loss of power, and emergency conditions?

Answer 19

Combinations of more than one lock type should be utilized when attempting to maintain security during normal operation, loss of power, and emergency conditions.

Question 20

When using cipher lock combinations, what is the maximum time allowed without changing the combination?

Answer 20

90 days

Question 21

What should automated EAC systems record?

Answer 21

• Entry and exit times
• Identification of the entrant
• Authorization mechanism
• Location (and direction if applicable) of access.

Question 22

What is the role of an anti-passback feature on electronic card access systems?

Answer 22

This feature should only permit one entry without accompanying exit. When activated, this feature should not interfere with normal and authorized movement within the data center or computer room but limit the ability of more than one employee, contractor, or visitor to use the card for the same ingress or egress.

Question 23

What is the “two-man rule”?

Answer 23

When a restricted room or area is empty, two authorized persons must use their access cards within a specific period (typically 45 seconds) or entry is denied and a log entry or some sort of notification was made.

Question 24

What are the two types of surveillance employed by security?

Answer 24

Physical and technical

Question 25

What is technical surveillance?

Answer 25

The use of electronic equipment, typically cameras and other elements of video surveillance systems, to afford central monitoring of multiple locations.

Question 26

Barriers are one of the most common security measures. What are the types of penetration for which barriers should be used?

Answer 26

• Force
• Deception or stealth
• Accident

Question 27

What is the thickness of concrete walls that are found in the construction of blast resistant benkers?

Answer 27

Greater than 200 mm (8 “)

Question 28

Why are fences not to be considered permanent barriers to forced entry?

Answer 28

They introduce delay but not prevention and should be layered with other countermeasures like alarms, surveillance, and guards.

Question 29

Expanded metal fabric consists of sheets of metal (Carbon, galvanized, stainless steel, aluminum, and others) that have been cut or shaped and somewhat flattened or thinned to create metal barriers. What are the four acceptable styles of metal barriers?

Answer 29

1. Standard
2. Grate or diamond plate
3. Flattened
4. Architectural

Question 30

What is the minimum total thickness requirement for burglar-resistant windows?

Answer 30

6mm (0.25”) plus 60 mil vinyl film “sandwiched” between the glass.

Question 31

What phases of emergency are included in a data center disaster recoveryplan?

Answer 31

Phase 1: Planning
Phase 2: Pre-disaster/incident activities
Phase 3: The disaster/incident
Phase 4: Response
Phase 5: Recovery from the disaster/incident

Question 32

What is compartmentalization?

Answer 32

The isolation or segregation of assets from threats using architectural design or countermeasures, including physical barriers.

Question 33

Natural access control, nature surveillance, and territorial enforcement are underlying principles of what concept?

Answer 33

Crime Prevention Through Environmental Design (CPTED)

Question 34

These are locked and unlocked remotely and are commonly layered and integrated with other systems in the electronic access control system.

Answer 34

Electrified locksets

Question 35

Entry and exit times and identification of the entrant are two pieces of information that should keep a record of in __________.

Answer 35

EAC systems

Question 36

True or False: The anti-passback feature in electronic card access systems allows no more than two people entrance to a given area at once.

Answer 36

False

Question 37

__________ is the use of electronic equipment, typically cameras and other elements of video surveillance systems, to afford central monitoring of multiple locations.

Answer 37

Technical surveillance