Facilities Security Flashcards

1
Q

Fire Suppression

A

Process of controlling and/or extinguishing fires to protect an organization’s employees, data, equipment, and buildings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Handheld Fire Extinguisher Classes

A

Class A, B, C, D, K

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Type A Fire Extinguishers

A

Ordinary solid combustibles such as paper, wood, cloth and some plastics

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Type B Fire Extinguishers

A

Flammable liquids such as alcohol, ether, oil, gasoline and grease, which are best extinguished by smothering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Class C Fire Extinguishers

A

Electrical equipment, appliances and wiring in which the use or a nonconductive extinguishing agent prevents injury from electrical shock.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Class D Fire Extinguishers

A

Certain flammable metallic substances such as sodium and potassium. These materials are normally not found in the Medical Center

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Class K Fire Extinguishers

A

Used in kitchens on grease fires

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Wet Pipe Sprinkler System

A

Pipes are filled with water all the way to the sprinkler head and are just waiting for the bulb to be melted or broken

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Dry Pipe Sprinkler System

A

Pipes are filled with pressurized air and only push water into the pipes when needed to combat the fire

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

pre-action sprinkler system

A

A pre-action sprinkler system will activate when heat or smoke is detected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Clean Agent System

A

Fire suppression system that relies upon gas (HALON, FM-200, or CO2) instead of water to extinguish a fire

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Faraday Cage

A

Shielding installed around an entire room that prevents electromagnetic
energy and radio frequencies from entering or leaving the room

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

TEMPEST

A

§ U.S. Government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility
§ TEMPEST facilities are also resistant to EMPs (electromagnetic pulses)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Controller Area Network (CAN)

A

• A digital serial data communications network used within vehicles
• The primary external interface is the Onboard Diagnostics (OBD-II) module
• No concept of source addressing or message authentication in a CAN bus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Internet of Things (IoT)

A

§ A group of objects (electronic or not) that are connected to the wider Internet by using embedded electronic components
§ Most smart devices use an embedded version of Linux or Android as their OS
§ Devices must be secured and updated when new vulnerabilities are found

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Embedded Systems

A

§ A computer system that is designed to perform a specific, dedicated function
§ Embedded systems are considered static environments where frequent changes are not made or allowed
§ Embedded systems have very little support for identifying and correcting security issues

17
Q

Programmable Logic Controller (PLC)

A

§ A type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems
§ PLC firmware can be patched and reprogrammed to fix vulnerabilities

18
Q

System-on-Chip (SoC)

A

§ A processor that integrates the platform functionality of multiple logical controllers onto a single chip
§ System-on-Chip are power efficient and used with embedded systems

19
Q

Real-Time Operating System (RTOS)

A

§ A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks
§ Embedded systems typically cannot tolerate reboots or crashes and must have response times that are predictable to within microsecond tolerances

20
Q

Field Programmable Gate Array (FPGA)

A

§ A processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture
§ End customer can configure the programming logic to run a specific application instead of using an ASIC (application-specific integrated circuit)

21
Q

ICS and SCADA

A

Operational Technology (OT)
Industrial Control Systems (ICS)
Fieldbus
Human-Machine Interface (HMI)
Data Historian
Supervisory Control and Data Acquisition (SCADA)
Modbus

22
Q

Operational Technology (OT)

A

§ A communications network designed to implement an industrial control
system rather than data networking
§ Industrial systems prioritize availability and integrity over confidentiality

23
Q

Industrial Control Systems (ICS)

A

§ A network that manages embedded devices
§ ICS is used for electrical power stations, water suppliers, health services, telecommunications, manufacturing, and defense needs

24
Q

Fieldbus

A

Digital serial data communications used in operational technology networks to link PLCs

25
Q

Human-Machine Interface (HMI)

A

Input and output controls on a PLC to allow a user to configure and monitor the system
§ ICS manages the process automation by linking together PLCs using a fieldbus to make changes in the physical world (values, motors, etc)

26
Q

Data Historian

A

Software that aggregates and catalogs data from multiple sources within an industrial control system

27
Q

Supervisory Control and Data Acquisition (SCADA)

A

§ A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographic region
§ SCADA typically run as software on ordinary computers to gather data from and manage plant devices and equipment with embedded PLCs

28
Q

Modbus

A

§ A communications protocol used in operational technology networks
§ Modbus gives control servers and SCADA hosts the ability to query and change the configuration of each PLC

29
Q

mitigating vulnerabilities in specialized system

A

§ Establish administrative control over Operational technology networks by recruiting staff with relevant expertise
§ Implement the minimum network links by disabling unnecessary links, services
§ Develop and test a patch management program for Operational Technology Network
§ Perform regular audits of logical and physical access to systems to detect possible vulnerabilities and intrusion

30
Q

Premise Systems

A

§ Systems used for building automation and physical access security
§ Many system designs allow the monitoring to be accessible from the corporate data network or even directly from the Internet

31
Q

Building Automation System (BAS)

A

Components and protocols that facilitate the centralized configuration and monitoring of mechanical and electrical systems within offices and data centers

32
Q

Building Automation System (BAS) vulnerabilities

A

• Process and memory vulnerabilities in PLC
• Plaintext credentials or keys in application code
• Code injection via web user interface

33
Q

Physical Access Control System (PACS)

A

§ Components and protocols that facilitate the centralized configuration and monitoring of security mechanisms within offices and data centers
§ PACS can either be implemented as part of a building automation system or a separate system