Lesson 21 - Explain the Importance of Physical Site Security Controls

Question 1

Controls that restrict, detect, and monitor access to specific physical areas or assets through measures such as physical barriers, physical tokens, or biometric access controls.

Answer 1

Physical access controls

Question 2

create access lists and identification mechanisms to allow approved persons through the barriers.

Answer 2

Authentication

Question 3

create barriers around a resource so that access can be controlled through defined entry and exit points.

Answer 3

Authorization

Question 4

keep a record of when entry/exit points are used and detect security breaches.

Answer 4

Accounting

Question 5

Scanner that reads data from an RFID or NFC tag when in range.

Answer 5

proximity reader

Question 6

A type of gateway that only allows one person through at a time.

Answer 6

turnstile

Question 7

A secure entry system with two gateways, only one of which is open at any one time.

Answer 7

mantrap

Question 8

Devices can be physically secured against theft using cable ties and padlocks. Some systems also feature lockable faceplates, preventing access to the power switch and removable drives.

Answer 8

Cable locks

Question 9

Duplicating a smart card by reading (skimming) the confidential data stored on it.

Answer 9

Card cloning

Question 10

Duplicating a smart card by reading (skimming) the confidential data stored on it.

Answer 10

Skimming

Question 11

Hardware plug to prevent malicious data transfer when a device is plugged into a USB charging point.

Answer 11

USB data blocker

Question 12

A device that transforms one type of energy into another (typically light into an electrical signal).

Answer 12

sensors

Question 13

Installation of video cameras to supply security monitoring data to a centralized management station.

Answer 13

CCTV (closed circuit television)

Question 14

A remote-controlled or autonomous robot capable of patrolling site premises or monitoring gateways.

Answer 14

Robot sentries

Question 15

A type of network isolation that physically separates a network from all other networks.

Answer 15

air gapped

Question 16

A wire mesh container that blocks external electromagnetic fields from entering into the container.

Answer 16

Faraday Cage

Question 17

Building control systems maintain an optimum heating, cooling, and humidity level working environment for different parts of the building.

Answer 17

HVAC (Heating, Ventilation, Air Conditioning)

Question 18

Arrangement of server racks to maximize the efficiency of cooling systems.

Answer 18

hot aisle/cold aisle

Question 19

A disruption of electrical current that occurs when a magnetic field around one electrical circuit interferes with the signal being carried on an adjacent circuit.

Answer 19

(Electromagnetic Interference [EMI])

Question 20

Arrangement of server racks to maximize the efficiency of cooling systems.

Answer 20

hot aisle/cold aisle

Question 21

A disruption of electrical current that occurs when a magnetic field around one electrical circuit interferes with the signal being carried on an adjacent circuit.

Answer 21

(Electromagnetic Interference [EMI])
To reduce interference, data/network cabling should not be run parallel to power cabling. If EMI is a problem, shielded cabling can be installed. Alternatively, the copper cabling could be replaced with fiber optic cabling, which is not susceptible to EMI.

Question 22

Fire detection and suppression systems are mandatory in most public and private commercial premises. Water-based fire suppression is a risk to computer systems, both in the event of fire and through the risk of flood. Alternatives include dry pipe and gas-based systems.

Answer 22

Fire suppression

Question 23

The process of thorough and completely removing data from a storage medium so that file remanants cannot be recovered.

Answer 23

Media sanitization

Question 24

Leftover information on a storage medium even after basic attempts have been made to remove that data.

Answer 24

Data remnants

Question 25

The process of rendering a storage drive inoperable and its data unrecoverable by eliminating the drive’s magnetic charge.

Answer 25

Degaussing
exposing a hard disk to a powerful electromagnet disrupts the magnetic pattern that stores the data on the disk surface.
Note that SSDs, flash media, and optical media cannot be degaussed, only hard disk drives.

Question 26

hitting a hard drive with a hammer can leave a surprising amount of recoverable data, so this type of destruction should be performed with industrial machinery.

Answer 26

Pulverizing

Question 27

The standard method of sanitizing an HDD

Answer 27

overwriting
The most basic type of overwriting is called zero filling, which just sets each bit to zero.
A more secure method is to overwrite the content with one pass of all zeros, then a pass of all ones, and then a third pass in a pseudorandom pattern.

Question 28

A method of sanitizing a drive using the ATA command set.

Answer 28

Secure Erase (SE)
Since 2001, the SATA and Serial Attached SCSI (SAS) specifications have included a Secure Erase (SE) command.
This command can be invoked using a drive/array utility or the hdparm Linux utility. On HDDs, this performs a single pass of zero-filling.

Question 29

A method of sanitizing a drive by setting all bits to zero.

Answer 29

zero-filling