Chapter 19: Physical Security Requirements

Question 1

What is the purpose of phyiscal security?

Answer 1

To protect against physical threats.

Question 2

What are the most common physical threats?

Answer 2

fire and smoke, water (rising or falling), earch movement (earthquakes, landslides, volcanoes), storms (wind, lightning, rain, snow, sleet), sabotage and vandalism, explosion or destruction, building collapse, toxic materials, utility loss (power, heating, cooling, air, water), equipment failure, theft, personnel loss (illness, strikes, access, transport).

Question 3

What is a Secure Facility Plan?

Answer 3

.

Question 4

What is Critical Path Analysis?

Answer 4

A systematic effort to identify relationships between missin-critical applications, processes,a nd operations and all the necessary supporting elements.

Question 5

What are administrative phyiscal security controls?

Answer 5

Facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures

Question 6

What are technical phyiscal security controls?

Answer 6

access controls, intrusion detection, alarms, CCTV, monitoring, heating, ventilating, and air conditioning, power supplies, fire detection and suppression.

Question 7

What are physical controls for physical security?

Answer 7

fencing, lighting, locks, construction materials, mantraps, dogs, and guards.

Question 8

What is the functional order in which controls should be used?

Answer 8

1. Deterrence
2. Denial
3. Detection
4. Delay

Question 9

What is the most important consideration in site selection?

Answer 9

Security. This includes susceptibility to riots, vandalism, break ins, location in a high crime area, or environmental factors such as flooding/weather/ fault lines, etc.

Question 10

What are the tradeoffs on number of entrances?

Answer 10

Single entrances improve security, multiple improve evacuation.

Question 11

What issues should be considered in facility design?

Answer 11

Combustibility, fire rating, construction materials, load rating, placement, control of walls, doors, ceilings, flooring, HVAC, power, water, sewage, gas.

Forced intrusion, emerency access, resistance to entry, direction of entries and exits, use of alarms and conductivity.

Question 12

How should work areas be laid out with regards to asset value?

Answer 12

Higher value assets should have more restricted access. Duh.

Question 13

How should areas of different sensitivity be separated?

Answer 13

Use floor to ceiling walls. If false or suspended ceilings, or raised floors exist, the walls should block those areas as well.

Question 14

Should central server rooms be human-compatible?

Answer 14

They don’t have to be. The more incompatible they are, the more protection it offers. Making a room human-incompatible can be accomplished by using Halotron, PyroGen, or other oxygen displacement fire suppression. Also, closely spaced equipment and low or no lighting.

Question 15

Where should server rooms be located?

Answer 15

In the center of the building.

Question 16

What risk exists if visitors are not tracked?

Answer 16

Not tracking visitors when they are allowed into a protected area can result in malicious activity against the most protected assets.

Question 17

How tall should a fence be to discourage casual trespassers?

Answer 17

3-4 feet

Question 18

How tall should a fence be to discourage most intruders?

Answer 18

6-7 feet

Question 19

How tall should a fence be to deter determined intruders?

Answer 19

8 feet with 3 strands of barbed wire

Question 20

What is a gate?

Answer 20

A controlled entry point in a fence.

Question 21

What are the design considerations of a gate?

Answer 21

It’s deterrent level must be the same as the fence to sustain its effectiveness. Hinges and locking mechanisms may need to be hardened against tampering. Keep the number of gates to a minimum.

Question 22

What is a turnstile?

Answer 22

A form of gate that only allows one person to enter at a time.

Question 23

What is a mantrap?

Answer 23

A set of double doors often protected bya guard taht prevents piggybacking and can trap individuals at the discretion of security personnel.

Question 24

How should lighting be designed?

Answer 24

It shouldn’t highlight the positions of guards, dogs, patrol posts, or other similar security elements. It should be combined with those elements. It shouldn’t be a nuisance to neighbors, and shouldn’t cause a glare or distraction to security elements.

Question 25

What is an alternative to security guards?

Answer 25

Dogs.

Question 26

What are the trade offs to using dogs vs guards.

Answer 26

Guards are extremely effective, but costly and require a high level of mainenance. They also impose insurance and liability requirements.

Question 27

What are preset locks?

Answer 27

Typical key based locks.

Question 28

What is shimming?

Answer 28

An attack on key-basd locks. Picking.

Question 29

What are the types of motion detectors?

Answer 29

Infrared, heat-based, wave pattern, capacitance, photoelectric, and passive audio.

Question 30

How does an infrared motion detector work?

Answer 30

It monitors for significant or meaningful changes in the infrared lighting pattern of a monitored area.

Question 31

How does a heat-based motion detector work?

Answer 31

It monitors for significant or meaningful changes in the heat levels or patterns of a monitored area.

Question 32

How does a wave pattern motion detector work?

Answer 32

It transmits a constant low ultrasonic or high microwave frequency signal into the monitored area and monitors for changes or disturbances in the reflected pattern.

Question 33

How does a capacitance motion detector work?

Answer 33

It senses changes in the electrical or magnetic field surrounding a monitored object.

Question 34

How does a photoelectric motion detector work?

Answer 34

It sense changes in visible light levels for the monitored area. Usually deployed in internal rooms that are kept dark.

Question 35

How does a passive audio motion detector work?

Answer 35

It listens for abnormal sounds in the monitored area.

Question 36

What are the different types of intrusion alarms?

Answer 36

deterrent, repellant, notification

Question 37

What are the different location types of intrusion alarms?

Answer 37

Local, central/proprietary, auxilary.

Question 38

What is secondary verification?

Answer 38

Another method to determine if an alarm is false. For example, CCTV coverage of an area with motion detectors.

Question 39

What is a smart card?

Answer 39

A credit-card sized ID, badge, or security pass with an embedded magnetic strip, bar code, or IC.

Question 40

What is a proximity reader?

Answer 40

A passive, field powered device, or a transponder that reads a smart card to control access.

Question 41

List the different access abuses we need to look for.

Answer 41

Propping open doors, bypassing locks, masquerading, piggybacking.

Question 42

What is TEMPEST?

Answer 42

Intercepting electronic signals from equipment to gain information.

Question 43

How do you defeat TEMPEST?

Answer 43

Use a faraday cage to control signal propagation, broadcast white noise to mask or hide the presence of real emanations, or implement a control zone, which is just a smaller faraday cage.

Question 44

What should the priority of physical security be?

Answer 44

Protecting human life, then restoring the safety of the environment, then restoring utilities necessary for IT infrastructure.

Question 45

What is a UPS?

Answer 45

A self-charging battery that can be used to supply consistent, clean power to sensitive equipment.

Question 46

What is a power fault?

Answer 46

A momentary loss of power.

Question 47

What is a blackout?

Answer 47

A complete loss of power.

Question 48

What is a (power) sag?

Answer 48

A momentary low voltage.

Question 49

What is a brownout?

Answer 49

Prolonged low voltage.

Question 50

What is a (power) spike?

Answer 50

Momentary high voltage.

Question 51

What is a (power) surge?

Answer 51

Prolonged high voltage.

Question 52

What is a (power) inrush?

Answer 52

An initial surge of power usually associated with connecting to a power source.

Question 53

What is (power) noise?

Answer 53

A steady interfering power disturbance or fluctuation.

Question 54

What is a (power) transient?

Answer 54

A short duration of line noise disturbance.

Question 55

What is clean power?

Answer 55

Nonfluctuating, pure power.

Question 56

What is a ground?

Answer 56

The wire in an electrical circuit that is grounded.

Question 57

What are the two types of electromagnetic interference?

Answer 57

Common mode and transverse mode.

Question 58

What is common mode electromagnetic interference?

Answer 58

Noise generated by a difference in power between the hot and ground wires of a power source or operating electrical equipment.

Question 59

What is transverse mode electromagnetic interference?

Answer 59

Generated by a difference in power between the hot and neutral wires of a power source or operating electrical equipment.

Question 60

What is RFI?

Answer 60

Radio Frequency Interference

Question 61

What causes RFI?

Answer 61

A wide range of common electrical appliances, such as lights, electrical cables, space heaters, computers, elevators, motors, electric magnets.

Question 62

Within what limits should rooms intended to house computers be kept?

Answer 62

60-75F, 40-60 % humidity.

Question 63

Fire triangle?

Answer 63

Dubious p 767

Question 64

What is the cause of most data center fires?

Answer 64

Overloaded electrical distribution outlets

Question 65

What is a class A fire extinguisher for?

Answer 65

Common combustibles

Question 66

What is a class B fire extinguisher for?

Answer 66

Liquids

Question 67

What is a class C fire extinguisher for?

Answer 67

Electrical

Question 68

What si a class D fire extinguisher for?

Answer 68

Metals

Question 69

What is the suppression material in a class A fire extinguisher?

Answer 69

Water, soda acid

Question 70

What is the suppression material in a class B fire extinguisher?

Answer 70

CO2, halon, soda acid

Question 71

What is the suppression material in a class C fire extinguisher?

Answer 71

CO2, halon

Question 72

What is the suppression material in a class D fire extinguisher?

Answer 72

Dry powder

Question 73

What are the four main types of water suppression systems?

Answer 73

wet pipe, dry pipe, deluge, preaction

Question 74

What is a wet pipe water suppression system?

Answer 74

One that is always full of water. Immediate discharge.

Question 75

What is a dry pipe water suppression system?

Answer 75

One containing compressed air. When triggered, a water valve opens that then fills the pipes.

Question 76

What is a deluge water suppression system?

Answer 76

A dry pipe system that uses larger pipes and therefore delivers a significantly larger volume of water. Inappropriate for areas containing IT systems.

Question 77

What is a preaction suppression system?

Answer 77

A combination dry/wet pipe system. It’s dry until the initial stages of a fire, but doesn’t trigger until a head is melted by heat. Can manually stop release.