Chapter 3

Question 1

Physical Controls

Answer 1

Is anything out there that’s designed to limit and how people can get into your enterprise.

Passive - would be a fence

Active - would be a lock or security.

IT services rely on underlying hardware
- On-premises
- Cloud

Local assess to IT systems is a security risk
- Encrypt data at rest

Question 2

Personnel

Answer 2

• Guards
• Badges
• Visitor logs
• Robot sentries
• Reception

Question 3

Facility Security

Answer 3

Location
- Undisclosed address
- Protection from natural disasters

Signage Fencing
- Height
- Periodic inspection

Bollards/barricades
Industrial camouflage
Motion detection
Lighting
Alarm systems

Question 4

Air gapped network

Answer 4

is an isolated network that has no physical connection, wired or wirelessly

Question 5

Environmental controls
Server Room Airflow Management

Answer 5

Keep incoming cool air separated from outgoing warmer air.

-Draw in cool air to equipment

-Draw hot air from equipment out.

Containment panels/curtains
- prevent cool and warm air from mixing

Blanking panels
- Fill empty rack slots to optimize airflow

Hot and cold aisles
- a physical layout within a data center where server racks are arranged in alternating rows with one row facing a cold aisle where cool air is delivered and the other facing a hot aisle where hot air is expelled.

Question 6

Environmental Monitoring

Answer 6

Sensors
- Temperature
- Pressure
- Humidity
- Noise
- Proximity

Question 7

Physical Security Concerns

Answer 7

-Computer left unattended (even if locked)
- Hardware keyloggers
-Computer left logged in
- Unlocked doors and windows
- Access to a server room or wiring closet/panel