CISSP Domain 3: Physical Security Flashcards
What are the logical (technical) controls for physical security?
- building access controls
- intrusion detection
- alarms
- CCTV and monitoring
- HVAC
- power supplies
- fire detection and suppression
What are administrative controls for physical security?
- facility construction
- facility selection
- site management
- building design
- personnel controls
- awareness training
- emergency response
- emergency procedure defined within the emergency response
What are the physical controls for physical security?
- fencing
- lighting
- locks
- construction materials
- mantraps (access control vestibules)
- dogs
- guards
Describe the efficacy of fences by height:
* 3-4 feet
* 6-7 feet
* 8+ feet (topped with barbed wire)
- 3-4 feet
  - deters casual trespassers
- 6-7 feet
  - too difficult to climb easily
  - may block vision (providing additional security)
- 8+ feet (topped with barbed wire)
  - will deter determined intruders
What’s PIDAS?
- Perimeter Intrusion Detection and Assessment System
- detects someone attempting to climb a fence
- expensive and may generate false positive alarms
What is the role of a fence?
What type of control?
- to deter the potential intruder
- therefore deterrent control
What is the role of PIDS?
What type of control?
- detect potential intruder
- therefore detective control
What’s Blackout?
prolonged loss of power
What’s Brownout?
prolonged low voltage
What’s Fault?
short/momentary loss of power
What’s Surge?
prolonged high voltage
What’s Spike?
momentary/temporary high voltage
What’s Sag?
temporary low voltage
What are the different types of electrical impact?
Name from high voltage to low/none.
- surge
- spike
- sag
- brownout
- fault
- blackout
What is the rule of an effective lighting design?
should not illuminate guards, dogs, patrol posts, or other similar security elements
How should lighting for perimeter detection be designed?
lighting for perimeter protection should illuminate critical areas with 2 feet of candle power from a height of 8 feet
How should the light poles be placed for perimeter protection?
- the same distance apart as the diameter of the illuminated area
- for example, 20 feet of coverage means poles 20 feet apart
What’s the ideal humidity?
40%-60%
What’s the ideal and damage temperature for computers?
- ideal = 60-75 F (15-23 C)
- damage = 175 F (80 C)
What is the temperature at which managed storage devices can be damaged?
100 F or 38 C
What can be caused by too much humidity?
corrosion
What can be caused by too little humidity?
static electricity
What are the different classes of fire and suppression agents?
- Class A (ash) fires
  - common combustibles such as wood, paper, etc.
  - most common and should be extinguished with water or soda acid
- Class B (boil) fires
  - burning alcohol, oil, and other petroleum products
  - extinguished with gas (CO2, halon) or soda acid
  - never use water to extinguish a class B fire
- Class C (conductive) fires
  - electrical fires which are fed by electricity and may occur in equipment or wiring
  - electrical fires are conductive and the extinguishing agent must be non-conductive, such as any type of gas (CO2, halon)
- Class D (dilithium) fires
  - burning metals, which are extinguished with dry powder
- Class K (kitchen) fires
  - kitchen fires, such as burning oil or grease
  - wet chemicals are used to extinguish class K fires
What are the categories of fire detection systems?
- smoke sensing
- flame sensing
- heat sensing
Water can be used to put out which types of fire?
only class A, everything else cannot be put out with water
Smoke is damaging to what equipment?
storage devices
Heat is damaging to what equipment?
electronic or computer components
Suppression mediums can do what type of damage?
can cause short circuits, initiate corrosion or otherwise render equipment useless
What are the different sprinkler systems?
- preaction systems
- wet pipe systems
- dry pipe systems
- deluge systems
Describe preaction systems
- use closed sprinkler heads
- the pipe is charged with compressed air instead of water
- good for areas with people and computers
Describe wet pipe systems
- have water present in the pipes at all times, posing an unacceptable level of risk for a data center containing electronics that might be damaged if a pipe leaks
Describe dry pipe systems
- filled with compressed air
- only contain water when triggered in the event of a possible fire
Describe deluge systems
- similar to dry pipes, except the sprinkler heads are open and larger than dry pipe heads
Describe gas discharge systems
more effective than water discharge systems, but should not be used in environments where people are located, because they work by removing oxygen from the air
Describe halon as fire suppressant
- effective, but bad for the environment (ozone depleting)
- turns to toxic gas at 900 F (482 Celsius)
What are suitable replacements for halon?
- FM-200 (HFC 227ea)
- CEA-410 or CEA-308
- NAF-S-III (HCFC Blend A)
- FE-13 (HCFC-23)
- Argon (IG55) or Argonite (IG01)
- Inergen (IG541)
- Aero-K
What are the types of electromagnetic interference?
- common mode noise
- traverse mode noise
Describe common mode noise
generated by the difference in power between the hot and ground wires of a power source operating electrical equipment
Describe traverse mode noise
generated by a difference in power in the hot and neutral wires of a power source operating electrical equipment
Describe radio frequency interference (RFI)
source of interference that is generated by electrical appliances, light sources, electrical cables, circuits and so on
What are the different lock types?
Describe each
- electronic combination lock
  - something known
- key card systems
  - something possessed
- biometric systems
  - something that is
- conventional locks
  - easily picked / bumped and keys are easily duplicated
- pick-and-bump resistant locks
  - expensive, harder to pick and keys are not easily duplicated
What’s the world’s most popular lock?
pin-tumbler
Does bumping require skill?
- no
- leaves no traces
- there’s no standard for bump resistance
What are the site design elements that impact physical security?
- site selection
  - should be based on the security needs of the organization
  - security requirements take precedence over cost and location
- location
  - what is the proximity to other buildings and businesses?
  - what kind of traffic do they draw?
  - is it on a hill or in a valley? is there sufficient drainage?
  - what types of natural disasters are there?
- visibility
  - what is the surrounding terrain?
  - is it easy to approach it by vehicle or foot without being seen?
  - be wary of elements that obscure visibility
What are the types of locks that can be picked/bumped?
- Pin Tumbler Locks
- Wafer Locks
- Tubular Locks
- Disc Detainer Locks
Do centralized server or computer rooms need to be human compatible?
no, server rooms should be optimized for computers while maintaining a certain level of human safety
No matter which physical access control is used, a security guard or other monitoring system must be deployed to prevent what?
- abuses
  - propping open secured doors and bypassing locks and controls
- masquerading
  - using someone else’s security ID to gain entry to a facility
- piggyback
  - following someone through a secured gate or doorway without being identified or authorized personally
Media storage facility protections include what?
- locked cabinets or safes
- using a librarian/custodian
- implementing a check-in/check-out process
- using media sanitization
What are the protections of evidence storage?
- locked cabinets or safes
- dedicated/isolated storage facilities
- offline storage
- access restrictions and activity tracking
- hash management and encryption
What is important for a successful reconstruction of a physical intrusion, breach or attack?
- audit trails and access logs
- logs can be created manually by security guards or they may be generated automatically with the right equipment (smartcards and only certain proximity readers)
- entry points should be monitored with CCTV so audit trails and access logs can be compared with a visually recorded history of the events
When designing physical security of a facility, what is the functional order in which controls should be used?
- Deter
- Deny
- Detect
- Delay
- Determine
- Decide
Describe the Determine phase
security staff or legal authorities should determine the cause of the incident or assess the situation to understand what’s happening
Describe the Decide phase
based on the assessment in the Determine phase, security staff should decide on the response to implement - apprehending the intruder or collecting evidence for further investigation
What’s the goal of an Occupant Emergency Plan?
guide and assist with sustaining personnel safety in the wake of disaster
What are robot sentries?
- used to automatically patrol an area to look for anything extraordinary
- use facial recognition to identify authorized personnel and detect intruders
- can be on wheels or be used as drones
What’s the primary purpose of lighting?
deterrence of potential intruders
What’s white noise?
active control that generates emanations that effectively jam the true emanations from electromagnetic equipment
What type of motion detector senses changes in the electromagnetic fields in monitored areas?
capacitance
What motion detectors transmit ultrasonic or microwave signals into the monitored area, watching for changes in the returned signals bouncing off objects?
wave pattern
Use of an electromagnetic coil inside the card indicates that this is what card?
proximity card
Describe hand geometry scanners
- assess the physical dimensions of an individual’s hand but do not verify other unique factors about the individual, or even verify if they are alive
- geometry scanners should not be implemented as the sole authentication factor for secure environments
- do not stand out as a particular issue from an accessibility standpoint compared to other biometric systems
What does CPTED framework stand for?
Crime Prevention Through Environmental Design (CPTED)
What are the 3 strategies implemented by CPTED?
- natural access control
- natural surveillance
- natural territorial reinforcement
Which one of the fire suppression systems poses the greatest risk of accidental discharge that damages equipment in a data center?
wet pipe - uses pipes filled with water at all times, which may damage equipment if there is damage to a pipe
What fire suppression systems all use pipes that remain empty until the system detects signs of a fire?
Dry pipe, deluge, and preaction systems
What’s Critical path analysis?
systematic effort to identify relationships between mission-critical applications, processes, and operations and all the necessary supporting elements when evaluating the security of a facility or designing a new facility
What is the most common and inexpensive form of physical access control device for both interior and exterior use?
lighting
What is the ideal humidity range for a server room?
20 to 80 percent
What is the most common cause of a false positive for a water-based fire suppression system?
people
What is the best type of water-based fire suppression system for a computer facility?
preaction system is the best type of water-based fire suppression system for a computer facility because it provides the opportunity to prevent the release of water in the event of a false alarm or false initial trigger
Where are photoelectric motion detectors usually deployed?
in internal rooms that have no windows and are kept dark
What does an infrared PIR (passive infrared) detector monitor?
significant or meaningful changes in the heat levels and patterns in a monitored area
How does a wave pattern motion detector work?
transmits a consistent low ultrasonic or high microwave frequency signal into a monitored area and monitors for significant or meaningful changes or disturbances in the reflected pattern
What changes in the environment does a photoelectric motion detector detect?
senses changes in visible light levels for the monitored area
What is the most common form of perimeter security devices or mechanisms?
Lighting
How should cameras be positioned?
- to watch exit and entry points allowing any change in authorization or access level
- to have clear sight lines of all exterior walls, entrance and exit points, and interior hallways
What are the additional capabilities of cameras that include a SoC?
may be able to perform various specialty functions, such as time-lapse recording, tracking, facial recognition, object detection, or infrared or color-filtered recording
Biometric systems using a one-to-many search provide what?
Identification
Biometric systems using a one-to-one search provide what?
authentication
Do biometric systems provide authorization or accountability?
no
Which disaster type is not usually covered by standard business insurance?
most general business insurance and homeowner’s insurance policies do not provide any protection against the risk of flooding or flash floods
RFID (radio-frequency identification) is effectively what type of device?
field-powered proximity device
What are fail-secure doors?
stay closed and locked during adverse conditions
What are fail-safe doors?
allow for easy egress in the event of adverse conditions as they prioritize personnel safety