Lesson 7 D Summarize Security Measures

Question 1

PHYSICAL ACCESS CONTROL

Answer 1

Physical security measures control who can access a building or a secure area of a building, such as a server room.

Question 2

Perimeter Security

Answer 2

Perimeter security uses barricades, fences, lighting, and surveillance to control and monitor who can approach the building or campus. Sites where there is a risk of a terrorist attack will use barricades such as bollards and security posts to prevent vehicles from crashing into the building or exploding a bomb near it.

Security fencing needs to be transparent (so that guards can see any attempt to penetrate it), robust (so that it is difficult to cut), and secure against climbing (which is generally achieved by making it tall and possibly by using razor wire). Fencing is generally effective, but the drawback is that it gives a building an intimidating appearance. Buildings that are used by companies to welcome customers or the public may use more discreet security methods.

Question 3

Access Control Vestibules

Answer 3

From the site perimeter, people should enter and leave the building through defined entry and exit points. There may be a single entrance or separate entrances for visitors and for staff. The main problem with a simple door as an entry mechanism is that it cannot accurately record who has entered or left an area. More than one person may pass through the gateway at the same time; a user may hold a door open for the next person; an unauthorized visitor may tailgate behind an authorized employee. This risk may be mitigated by installing a turnstile or an access control vestibule. An access control vestibule is where one gateway leads to an enclosed space protected by another barrier. This restricts access to one person at a time.

Question 4

Magnetometers

Answer 4

Surveillance at the building entrance might be enhanced by deploying a walk-through or handheld magnetometer . This type of metal detector is often deployed at airports and in public buildings to identify concealed weapons or other items.

Question 5

Security Guards

Answer 5

Human security guards can be placed in front of and around a location to protect it. They can monitor critical checkpoints and verify identification, allow or disallow access, and log physical entry occurrences. They also provide a visual deterrent and can apply their own knowledge and intuition to mitigating potential security breaches.

Question 6

Door locks can be categorized as follows:

Answer 6

• Key operated—A conventional lock prevents the door handle from being operated without the use of a key.
• Electronic—Rather than a key, the lock is operated by entering a PIN on an electronic keypad.
• Badge reader —Some types of electronic lock work with a hardware token rather than a PIN. The token might be a basic magnetic swipe card. A more advanced type of lock works with a cryptographic contactless smart card or key fob . These are much more difficult to clone than ordinary swipe cards.

Question 7

Biometric Door Locks

Answer 7

Some types of electronic locks use a biometric scanner so that the lock can be activated by a bio gesture:

• Fingerprint reader—This is usually implemented as a small capacitive cell that can detect the unique pattern of ridges making up the fingerprint. The technology is also nonintrusive and relatively simple to use, although moisture or dirt can prevent readings, and there are hygiene issues at shared-use gateways.
• Palmprint scanner —This is a contactless type of camera-based scanner that uses visible and/or infrared light to record and validate the unique pattern of veins and other features in a person’s hand. Unlike facial recognition, the user must make an intentional gesture to authenticate.
• Retina scanner —An infrared light is shone into the eye to identify the pattern of blood vessels. The arrangement of these blood vessels is highly complex and typically does not change from birth to death, except in the event of certain diseases or injuries. Retinal scanning is therefore one of the most accurate forms of biometrics. Retinal patterns are very secure, but the equipment required is expensive and the process is relatively intrusive and complex. False negatives can be produced by diseases such as cataracts.
  Other general issues with biometrics include privacy issues with capturing and storing personal information and discriminatory issues involving people who cannot make the required bio gesture.

Question 8

Equipment Locks

Answer 8

There are several types of equipment locks that act to prevent unauthorized physical access to servers and network appliances or prevent theft:

• Kensington locks are used with a cable tie to secure a laptop or other device to a desk or pillar and prevent its theft.
• Chassis locks and faceplates prevent the covers of server equipment from being opened. These can prevent access to external USB ports and prevent someone from accessing the internal fixed disks.
• Lockable rack cabinets control access to servers, switches, and routers installed in standard network racks. These can be supplied with key-operated or electronic locks.

Question 9

There are four main types of alarm system:

Answer 9

1. Circuit—A circuit-based alarm sounds when the circuit is opened or closed, depending on the type of alarm. This could be caused by a door or window opening or by a fence being cut.
2. Motion sensors —A motion-based alarm is linked to a detector triggered by movement within a room or other area. The sensors in these detectors are either microwave radio reflection ( radar, for example) or passive infrared (PIR), which detects moving heat sources.
3. Proximity—Radio frequency ID (RFID) tags and readers can be used to track the movement of tagged objects within an area. This can form the basis of an alarm system to detect whether someone is trying to remove equipment.
4. Duress—This type of alarm is triggered manually by staff if they come under threat. A duress alarm could be implemented as a wireless pendant, concealed sensor or trigger, or call contact. Some electronic entry locks can also be programmed with a duress code that is different from the ordinary access code. This will open the gateway but also alert security personnel that the lock has been operated under threat.

Question 10

Video surveillance

Answer 10

typically a second layer of security designed to improve the resilience of perimeter gateways. Surveillance may be focused on perimeter areas or within security zones themselves. This type of surveillance can be implemented with older-style CCTV (closed-circuit television) or with IP cameras. The surveillance system may be able to use motion detection or even facial recognition to alert staff to intrusion attempts.

Security lighting is important in contributing to the perception that a building is safe and secure at night. Well-designed lighting helps to make people feel safe, especially in public areas or enclosed spaces, such as parking garages. Security lighting also acts as a deterrent by making intrusion more difficult and surveillance (whether by camera or guard) easier. The lighting design needs to account for overall light levels, the lighting of particular surfaces or areas (allowing cameras to perform facial recognition, for instance), and avoiding areas of shadow and glare.