Lesson 21 Flashcards

1
Q

Physical Access controls

A

Physical access controls depend on the same access control fundamentals as network
or operating system security:

• Authentication—create access lists and identification mechanisms to allow
approved persons through the barriers.
• Authorization—create barriers around a resource so that access can be controlled
through defined entry and exit points.
• Accounting—keep a record of when entry/exit points are used and detect security
breaches.

2
Q

Authentication (physical Access Control)

A

• Authentication—create access lists and identification mechanisms to allow
approved persons through the barriers.

3
Q

Authorization (physical Access Control)

A

• Authorization—create barriers around a resource so that access can be controlled
through defined entry and exit points.

4
Q

Accounting (physical Access Control)

A

• Accounting—keep a record of when entry/exit points are used and detect security
breaches.

5
Q

Site Layout, Fencing, and Lighting

A

Site layout
•Zone-based design to accommodate traffic flows and surveillance
•Signage
•Industrial camouflage

Barricades and entry/exit points
•Bollards

Fencing

Lighting
•Make staff feel secure
•Assist surveillance

6
Q

Industrial camouflage

A

Entry points to secure zones should be discreet. Do not allow an intruder the
opportunity to inspect the security mechanisms protecting such zones (or even to
know where they are). Use industrial camouflage to make buildings and gateways
protecting high-value assets unobtrusive, or create high-visibility decoy areas to
draw out potential threat actors.

7
Q

fencing

A

The exterior of a building may be protected by fencing. Security fencing needs to be
transparent (so that guards can see any attempt to penetrate it), robust (so that it is
difficult to cut), and secure against climbing (which is generally achieved by making it tall
and possibly by using razor wire). Fencing is generally effective, but the drawback is that
it gives a building an intimidating appearance. Buildings that are used by companies to
welcome customers or the public may use more discreet security methods.

8
Q

Lighting

A

Lighting
•Make staff feel secure
•Assist surveillance

9
Q

Lock types

A
Lock types
•Physical (conventional/deadbolt)
•Electronic
     •Cipher/combination
     •Magnetic swipe card
     •Smart card/proximity reader
•Biometric
•Access control vestibules/mantraps and turnstiles
•Cable locks

10
Q

Mantraps and turnstiles

Access control vestibule = mantrap

A

Apart from being vulnerable to lock picking, the main problem with a simple door or
gate as an entry mechanism is that it cannot accurately record who has entered or left
an area. Multiple people may pass through the gateway at the same time; a user may
hold a door open for the next person; an unauthorized user may “tailgate” behind an
authorized user. This risk may be mitigated by installing a turnstile (a type of gateway
that only allows one person through at a time). The other option is to add some sort of
surveillance on the gateway. Where security is critical and cost is no object, an access
control vestibule, or mantrap, could be employed. A mantrap is where one gateway
leads to an enclosed space protected by another barrier.

11
Q

Cable Locks

A

Cable locks attach to a secure point on the device chassis. A server chassis might come
with both a metal loop and a Kensington security slot. As well as securing the chassis
to a rack or desk, the position of the secure point prevents the chassis from being
opened without removing the cable first.

12
Q

Physical Attacks Against Smart Cards and USB

A

Smart card attacks
•Cloning
•Skimming
•Card types and vulnerability level

Malicious USB/juice-jacking
•USB data blocker

13
Q

card cloning

A

Card cloning—this refers to making one or more copies of an existing card. A
lost or stolen card with no cryptographic protections can be physically duplicated.
Card loss should be reported immediately so that it can be revoked and a new one
issued. If there were a successful attack, it might be indicated by use of a card in a
suspicious location or time of day.
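The accounting function (card 4), the "suspicious location or time of day" indicator for a cloned or skimmed card, and the tailgating problem from the mantrap card can all be turned into checks over the access-control system's badge log. The following is an added example, not code from the course or from any access-control vendor. The CSV layout, door names, site coordinates, business hours, revoked-card list and the 150 km/h speed threshold are constructed assumptions; a real export will have its own field names.

```python
"""Checks over a badge-reader export for the physical-access accounting function.

Added example, not from the course text. CSV layout, doors, site coordinates,
business hours, revoked cards and speed threshold are constructed assumptions.
"""
import math
from datetime import datetime

# Constructed sample export: timestamp, card id, door, direction, result.
SAMPLE_LOG = """\
2024-03-04T08:02:11,C1001,HQ-LOBBY,IN,GRANTED
2024-03-04T08:03:40,C1002,HQ-LOBBY,IN,GRANTED
2024-03-04T08:04:05,C1001,HQ-SERVER-ROOM,IN,GRANTED
2024-03-04T08:09:00,C1001,DC-EAST-GATE,IN,GRANTED
2024-03-04T12:15:00,C1002,HQ-LOBBY,OUT,GRANTED
2024-03-04T12:16:30,C1002,HQ-LOBBY,OUT,GRANTED
2024-03-04T23:41:12,C1003,HQ-LOBBY,IN,GRANTED
2024-03-05T02:05:44,C1004,HQ-SERVER-ROOM,IN,GRANTED
"""

# Assumed (lat, lon) of the site each door belongs to, for travel-time checks.
DOOR_SITE = {
    "HQ-LOBBY": (51.5074, -0.1278),
    "HQ-SERVER-ROOM": (51.5074, -0.1278),
    "DC-EAST-GATE": (51.4545, -2.5879),   # roughly 170 km from HQ
}
BUSINESS_HOURS = (7, 20)     # 07:00 up to 20:00 local time (assumed)
REVOKED = {"C1004"}          # cards reported lost or stolen (assumed)
MAX_SPEED_KMH = 150.0        # faster than this between sites is implausible


def parse_log(text):
    """Parse the CSV export into event dicts, oldest first."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, card, door, direction, result = line.split(",")
        events.append({"time": datetime.fromisoformat(ts), "card": card,
                       "door": door, "dir": direction, "result": result})
    return sorted(events, key=lambda e: e["time"])


def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) pairs in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))


def find_anomalies(events):
    """Return findings as dicts with keys rule, card, time, detail."""
    findings = []

    def flag(rule, ev, detail):
        findings.append({"rule": rule, "card": ev["card"],
                         "time": ev["time"].isoformat(), "detail": detail})

    last_seen = {}   # card -> previous granted event, for travel-time checks
    inside = {}      # card -> doors entered and not yet left (anti-passback)
    for ev in events:
        if ev["result"] != "GRANTED":
            continue   # denied attempts matter too, but not for these rules
        # 1. A card reported lost must never be granted again.
        if ev["card"] in REVOKED:
            flag("revoked-card-used", ev, f"revoked card opened {ev['door']}")
        # 2. Use outside business hours: the "suspicious time of day" indicator.
        if not BUSINESS_HOURS[0] <= ev["time"].hour < BUSINESS_HOURS[1]:
            flag("off-hours", ev, f"{ev['door']} used at {ev['time'].time()}")
        # 3. Same card at two sites too close in time: a clone in use in parallel.
        prev = last_seen.get(ev["card"])
        if prev is not None:
            km = haversine_km(DOOR_SITE[prev["door"]], DOOR_SITE[ev["door"]])
            hours = (ev["time"] - prev["time"]).total_seconds() / 3600
            if km > 1.0 and (hours == 0 or km / hours > MAX_SPEED_KMH):
                flag("impossible-travel", ev,
                     f"{prev['door']} -> {ev['door']}: {km:.0f} km in {hours * 60:.1f} min")
        last_seen[ev["card"]] = ev
        # 4. Anti-passback: a second IN with no OUT, or an OUT with no IN, means
        #    tailgating, a held-open door, or a duplicate card.
        doors = inside.setdefault(ev["card"], set())
        if ev["dir"] == "IN":
            if ev["door"] in doors:
                flag("anti-passback", ev, f"entered {ev['door']} twice without leaving")
            doors.add(ev["door"])
        else:
            if ev["door"] not in doors:
                flag("anti-passback", ev, f"left {ev['door']} with no recorded entry")
            doors.discard(ev["door"])
    return findings


if __name__ == "__main__":
    for f in find_anomalies(parse_log(SAMPLE_LOG)):
        print(f"{f['time']}  {f['card']}  {f['rule']:<18}  {f['detail']}")
```

On the constructed log this flags five events: the revoked card C1004 and its 02:05 use, C1003 entering at 23:41, C1001 appearing at the data-centre gate five minutes after the HQ server room, and C1002 recording two exits for one entry. The anti-passback rule is the log-side complement of a turnstile or mantrap: it cannot stop a tailgater, but it makes the mismatch visible.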

14
Q

Skimming

A

Skimming—this refers to using a counterfeit card reader to capture card details,
which are then used to program a duplicate. Some types of proximity card can quite
easily be made to transmit the credential to a portable RFID reader that a threat
actor could conceal on his or her person. Skimmers installed on public readers, such
as ATM machines, can be difficult to spot.

15
Q

•Card types and vulnerability level

A

These attacks can generally only target "dumb" smart cards that transfer a fixed token
rather than perform cryptoprocessing. Bank-issued smart cards, referred to as EMV
(Europay, MasterCard, Visa), can also be vulnerable through the magnetic stripe, which
is retained for backward compatibility and carries no cryptographic protection.

16
Q

Malicious USB/juice-jacking

A

•USB data blocker

Malicious USB charging cables and plugs are also a widespread problem. As with card
skimming, a device may be placed over a public charging port at airports and other
transit locations. A USB data blocker (a pass-through adapter that connects only the
power pins) mitigates these juice-jacking attacks by preventing any sort of data
transfer when the smartphone or laptop is connected to a charge point.

17
Q

Alarm and Sensor Systems

A

5 main types of alarms

Circuit
•Open or closed
•Detect intrusion through a barrier

Motion detection
•Radar or infrared
•Detect intrusion in a space

Noise detection

Proximity readers

Duress
•Fixed or mobile

18
Q

Circuit

A

Circuit
•Open or closed
•Detect intrusion through a barrier

Circuit—a circuit-based alarm sounds when the circuit is opened or closed, depending
on the type of alarm. This could be caused by a door or window opening or by a fence
being cut. A closed-circuit (normally closed) alarm is more secure: it trips when the
loop is broken, so cutting the wire sets it off, whereas an open-circuit alarm trips only
when the circuit is completed and can be defeated by cutting the wire.

19
Q

Motion detection

A

Motion detection—a motion-based alarm is linked to a detector triggered by any
movement within an area (defined by the sensitivity and range of the detector), such
as a room. The sensors in these detectors are either microwave radio reflection
(similar to radar) or passive infrared (PIR), which detect moving heat sources.

20
Q

Noise detection

A

Noise detection—an alarm triggered by sounds picked up by a microphone. Modern
AI-backed analysis and identification of specific types of sound can render this type
of system much less prone to false positives.

21
Q

Proximity Readers

A

Proximity—radio frequency ID (RFID) tags and readers can be used to track the
movement of tagged objects within an area. This can form the basis of an alarm
system to detect whether someone is trying to remove equipment.

22
Q

Duress

A

Duress
•Fixed or mobile

Duress—this type of alarm is triggered manually by staff if they come under
threat. There are many ways of implementing this type of alarm, including wireless
pendants, concealed sensors or triggers, and DECT handsets or smartphones. Some
electronic entry locks can also be programmed with a duress code that is different
from the ordinary access code. This will open the gateway but also alert security
personnel that the lock has been operated under duress.

23
Q

Security Guards and Cameras

A
Security guards
•Police entry points
•Operate surveillance mechanisms
•Respond to alarms
•Expensive

Remote surveillance and monitoring
•Video/CCTV
•Motion recognition
•Object detection
•Robot sentries
•Drones/UAV

24
Q

CCTV (closed circuit television)

A

CCTV (closed circuit television) is a cheaper means of providing surveillance than
maintaining separate guards at each gateway or zone, though still not cheap to set up
if the infrastructure is not already in place on the premises. It is also quite an effective
deterrent. The other big advantage is that movement and access can be recorded. The
main drawback compared to the presence of security guards is that response times are
longer, and security may be compromised if not enough staff are in place to monitor
the camera feeds.

25
Q

Motion recognition

A

Motion recognition—the camera system might be configured with gait identification
technology. This means that the system can generate an alert when anyone moves
within sight of the camera and the pattern of their movement does not match a
known and authorized individual.

26
Q

•Object detection

A

Object detection—the camera system can detect changes to the environment, such as
a missing server or an unknown device connected to a wall port.

27
Q

Robot sentries—

A
Robot sentries—surveillance systems (and in some cases weapon systems) can be
mounted on a wholly or partially autonomous robot (switch.com/switch-sentry).

28
Q

Drones/UAV

A

Drones/UAV—cameras mounted on drones can cover wider areas than ground-based
patrols (zdnet.com/article/best-security-surveillance-drones-for-business).

29
Q

Reception Personnel and ID Badges

A

Challenge policy

Reception personnel and visitor logs
•Sign-in/sign-out
•Visitor information

Two-person integrity/control

ID badges

30
Q

Challenge policy

A

One of the most important parts of surveillance is the challenge policy. This sets out
what type of response is appropriate in given situations and helps to defeat social
engineering attacks. This must be communicated to and understood by the staff.
Challenges represent a whole range of different contact situations. For example:

• Challenging visitors who do not have ID badges or are moving about
unaccompanied.
• Insisting that proper authentication is completed at gateways, even if this means
inconveniencing staff members (no matter their seniority).
• Intruders and/or security guards may be armed. The safety of staff and compliance
with local laws has to be balanced against the imperative to protect the company’s
other resources.
It is much easier for employees to use secure behavior in these situations if they know
that their actions are conforming to a standard of behavior that has been agreed upon
and is expected of them.

31
Q

Reception personnel and visitor logs

A

Reception personnel and visitor logs
•Sign-in/sign-out
•Visitor information

An access list held at the reception area for each secure gateway records who is
allowed to enter. An electronic lock may be able to log access attempts, or reception
staff can manually log movement. At the lowest end, a sign-in and sign-out sheet can
be used to record authorized access. Visitor logging requirements will vary depending
on the organization, but should include at least the name and company being
represented, date, time of entry and departure, reason for visiting, and contact within
the organization.

32
Q

Two-person integrity/control

A

Reception areas for high-security zones might be staffed by at least two people at all
times, providing integrity for entry control and reducing the risk of insider threat.

33
Q

ID Badges

A

A photographic ID badge showing name and (perhaps) access details is one of the
cornerstones of building security. Anyone moving through secure areas of a building
should be wearing an ID badge; anyone without an ID badge should be challenged.
Color-coding could be used to make it obvious to which zones a badge is granted
access.

34
Q

Secure Areas

A
  • Server rooms and data centers
  • Lockable cabinets
  • Colocation cages
  • Air gaps and demilitarized zones
  • Safes
  • Vaults
35
Q

Air Gap/Demilitarized Zone

A

An air-gapped host is one that is not physically connected to any network.

An air gap within a secure area serves the same function as a demilitarized zone. It is
an empty area surrounding a high-value asset that is closely monitored for intrusions.

36
Q

Protected cable distribution/protected distribution system (PDS)

A

A physically secure cabled network is referred to as protected cable distribution or as a
protected distribution system (PDS). It addresses two principal risks:

•Eavesdropping—an intruder attaching a tap to the cable (prevent)
•Cable cutting—a denial of service (prevent, or at least delay and detect)

37
Q

Faraday Cage

A

Faraday cage. The cage is an enclosure of conductive material (typically a grounded
mesh) that blocks electromagnetic signals from entering or leaving the area. The risk
of eavesdropping on leaked electromagnetic emanations was investigated by the US
DoD under the codename TEMPEST (often expanded as Transient Electromagnetic
Pulse Emanation Standard), which covers both the study of such emanations and the
shielding standards that counter them.

38
Q

TEMPEST

A

(See Faraday cage.) TEMPEST is the US DoD codename for the investigation of
eavesdropping via leaked electromagnetic emanations from equipment and cabling,
and for the shielding standards defined to counter it. It is often expanded as
Transient Electromagnetic Pulse Emanation Standard. A Faraday cage is one way of
meeting the shielding requirement.

39
Q

Heating, Ventilation, Air Conditioning

A

I skipped this one. I don't think I need to study it.

40
Q

Hot and Cold Aisles

A

Refer to the diagram if you need to. This is pretty simple.

  • Optimize air flow
  • Place servers back-to-back
  • Hot aisle/cold aisle
  • Do not allow contamination of cooled air by warmed air
41
Q

Fire safety

A

Fire safety
•Fire exits and evacuation procedures
•Fire-resistant building design (doors and walls fire resistant so fire does not spread)
•Smoke/flame detectors/alarms

42
Q

Fire Extinguishers

A

Class C (US/NFPA classification) = fires involving energized electrical equipment.

Extinguishers rated for Class C use a non-conductive agent, typically CO2 or a clean
agent gas (multipurpose ABC dry-chemical units are also rated C), so they can be used
where the risk of electric shock makes water-based types unsuitable. Note that the
letters differ elsewhere: under the UK/European scheme Class C means flammable
gases, and suitability for electrical fires is shown by a separate symbol rather than a
letter.

43
Q

Fire suppression

A

Fire suppression systems work on the basis of the fire triangle. The fire triangle
works on the principle that a fire requires heat, oxygen, and fuel to ignite and burn.
Removing any one of those elements provides fire suppression (and prevention).

44
Q

Sprinklers

A
Sprinklers (water-based)
•Dry pipe
•Pre-action

Gas-based suppression (no water)
•Halon
•Clean agent
45
Q

Dry pipe

A

Dry-pipe—used in areas where freezing is possible. The pipes hold pressurized air
(or nitrogen) rather than water; when a sprinkler head opens, the drop in pressure
releases the dry-pipe valve and water then flows into the pipes and out of the open
head. There is a short delay compared with a wet-pipe system.

46
Q

Pre-action

A

Pre-action—the system only fills with water when a separate detector (such as a
smoke alarm) is triggered; it then sprays only when a sprinkler head is opened by
heat. This two-step operation protects against accidental discharges and burst pipes
and gives some time to contain the fire manually before the sprinkler operates.

47
Q

Halon

A

Halon—gas-based systems have the advantage of not short-circuiting electrical
systems and leaving no residue. Up until a few years ago, most systems used Halon
1301. Production of Halon has been banned in most countries under the Montreal
Protocol because it is ozone depleting, though existing installations have not been
replaced in many instances and can continue to operate legally.

48
Q

Clean Agent

A

Clean agent—alternatives to Halon are referred to as "clean agent." As well as not
being environmentally damaging, these gases are considered nontoxic to humans.
Examples include INERGEN (a mixture of nitrogen, argon, and a small proportion of
CO2), FM-200/HFC-227ea, and FE-13/HFC-23. Inert-gas agents such as INERGEN
work by reducing the oxygen concentration in the room (to a level that is not
dangerous for a brief exposure); halocarbon agents such as FM-200 work mainly by
absorbing heat. CO2 can be used too, but it is not safe for use in occupied areas.

49
Q

Secure Data Destruction

A
  • Media sanitization/remnant removal
  • Physical destruction
    • Burning/incineration
    • Shredding/pulping
    • Pulverizing
    • Degaussing
  • Use of third-parties and certificates of destruction
50
Q

•Media sanitization/remnant removal

A

Media sanitization and remnant removal refer to erasing data from hard
drives, flash drives/SSDs, tape media, CD and DVD ROMs before they are disposed of
or put to a different use. Paper documents must also be disposed of securely. Data
remnants can be dealt with either by destroying the media or by purging it (removing
the confidential information but leaving the media intact for reuse).

51
Q

Use of third-parties and certificates of destruction

A

Due to the cost of facilities, physical destruction is likely to be contracted to a third
party. It is important to use a reputable service provider and to obtain a detailed
inventory of how each media item was sanitized and certificates of destruction.

52
Q

Secure disposal of electronic data remnants

A
  • Overwriting/disk wiping
    • Zero filling
    • Multiple passes
  • Secure Erase (SE)
    • Hard disk drives (HDD)
    • Solid state drives (SSD)/flash media
  • Instant Secure Erase (ISE)/crypto erase
    • Self-encrypting drives (SED)
    • Delete media encryption key

53
Q
  • Overwriting/disk wiping
    • Zero filling
    • Multiple passes
A

•Zero filling—the standard method of sanitizing an HDD is called overwriting. This
can be performed using the drive's firmware tools or a utility program. The most basic
type of overwriting is zero filling, which simply sets each bit to zero.

Single-pass zero filling may leave patterns that can be read with specialist tools.

•Multiple passes—the more secure method is to overwrite the content with one pass
of all zeros, then a pass of all ones, and then a third pass in a pseudorandom
pattern. Some government security agencies require more than three passes.
Overwriting can take a considerable amount of time to complete, depending on the
number of passes and the size of the drive.

Caveat: NIST SP 800-88 Rev. 1 treats a single pass with a fixed value (such as all
zeros) as an adequate Clear for modern HDDs, with additional passes optional; the
multi-pass concern dates from older, lower-density drives. Overwriting does not
reliably sanitize an SSD, because the flash translation layer may leave the old cells
untouched.
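The overwrite procedure above, as an added example rather than code from the course or from any wiping utility: a Python routine that writes each pass chunk by chunk, syncs, and reads the pass back to verify it. It targets a regular file so it can be run anywhere; on Linux the same overwrite() function can be pointed at a block device path as root (the size is taken by seeking to the end, which works for devices too). The chunk size, pass names and the contents of the file that demo() wipes are constructed assumptions.

```python
"""Multi-pass overwrite with read-back verification.

Added example, not from the course text. Chunk size, pass names and the demo
contents are constructed assumptions. Works on a regular file; on Linux the
same function can be pointed at a block device such as /dev/sdX as root.
"""
import os
import random
import secrets
import tempfile

CHUNK = 1 << 16                              # 64 KiB per write (assumed)
THREE_PASS = ("zeros", "ones", "random")     # zeros, then ones, then pseudorandom
ZERO_FILL = ("zeros",)                       # the single-pass variant


def _write_all(fd, data):
    """os.write may write less than asked; loop until the buffer is out."""
    view = memoryview(data)
    while view:
        view = view[os.write(fd, view):]


def _read_exact(fd, n):
    buf = bytearray()
    while len(buf) < n:
        part = os.read(fd, n - len(buf))
        if not part:
            break
        buf += part
    return bytes(buf)


def _pass_chunks(pattern, size, seed, chunk):
    """Yield the data for one pass. The random pass is generated from a seed so
    the identical sequence can be regenerated for verification without keeping
    a copy of the whole device in memory."""
    rng = random.Random(seed)   # a PRNG is fine: we need a pattern, not a secret
    remaining = size
    while remaining > 0:
        n = min(chunk, remaining)
        if pattern == "zeros":
            yield b"\x00" * n
        elif pattern == "ones":
            yield b"\xff" * n
        else:
            yield rng.getrandbits(8 * n).to_bytes(n, "little")
        remaining -= n


def overwrite(path, passes=THREE_PASS, chunk=CHUNK):
    """Overwrite every byte of `path` once per pass; return one verify flag per pass."""
    verified = []
    fd = os.open(path, os.O_RDWR | getattr(os, "O_BINARY", 0))
    try:
        size = os.lseek(fd, 0, os.SEEK_END)   # works for files and block devices
        for pattern in passes:
            seed = secrets.randbits(64)
            os.lseek(fd, 0, os.SEEK_SET)
            for buf in _pass_chunks(pattern, size, seed, chunk):
                _write_all(fd, buf)
            os.fsync(fd)   # flush to the device before reading it back
            os.lseek(fd, 0, os.SEEK_SET)
            verified.append(all(_read_exact(fd, len(buf)) == buf
                                for buf in _pass_chunks(pattern, size, seed, chunk)))
    finally:
        os.close(fd)
    return verified


def demo(passes=THREE_PASS):
    """Wipe a temp file holding constructed 'secret' content and report the outcome."""
    original = b"secret data " * 500
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as f:
        f.write(original)
    try:
        verified = overwrite(path, passes=passes, chunk=1000)  # small chunk exercises the loop
        with open(path, "rb") as f:
            data = f.read()
    finally:
        os.remove(path)
    return {"verified": verified, "size": len(data),
            "original_found": b"secret" in data,
            "all_zero": data == b"\x00" * len(data)}


if __name__ == "__main__":
    print(demo())
    print(demo(ZERO_FILL))
```

The read-back check only proves that the operating system returns the pattern; on an SSD the flash translation layer may have written the new data to different cells and left the old ones intact, which is why the SE and crypto-erase cards exist. Overwriting a single file also leaves older copies, slack space and journal entries untouched, so for sanitization the target is the whole device. The usual shell equivalents on Linux are `shred` for the overwrite route and `hdparm --security-erase` for the drive's own firmware command.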

54
Q
  • Secure Erase (SE)
    • Hard disk drives (HDD)
    • Solid state drives (SSD)/flash media
A

Reliable for HDD. Not for SSD.

Since 2001, the SATA and Serial Attached SCSI (SAS) specifications have included a
Secure Erase (SE) command. This command can be invoked using a drive/array utility
or the hdparm Linux utility. On HDDs, this performs a single pass of zero filling.

On SSDs and other flash media, SE is supposed to reset every cell to its erased state,
but vendor implementations have been shown to be unreliable, so it should not be
relied on as the only sanitization method for flash.

55
Q
  • Instant Secure Erase (ISE)/crypto erase
    • Self-encrypting drives (SED)
    • Delete media encryption key
A

Better than Secure Erase.

Instant Secure Erase (ISE), also called crypto erase, applies to self-encrypting drives
(SEDs): the drive encrypts everything it writes with a media encryption key (MEK)
held inside the drive. Sanitizing is done by having the drive destroy the MEK (and
generate a new one), after which the existing ciphertext is unrecoverable. It completes
in seconds, works for HDDs and SSDs alike, and avoids the flash reliability problems
of overwriting and SE. Caveat: it is only as good as the drive's key handling, so a
verification step is still wanted.