Physical Access Controls Flashcards
physical security controls: major controls (10)
W /alls, fencing and gates G /uards D /ogs I /D cards and badges L /ocks and keys M /antraps E /lectronic monitoring A /larms and alarm system C /omputer rooms and wiring closets I /nterior walls and doors
some of the oldest and most reliable elements of physical security
Walls, fencing and gates
external perimeter controls implemented as an essential starting point for org whose employees require access to physical locations the org owns or controls
Walls, fencing and gates
these types of controls vary widely in appearance and function, ranging from chain link or privacy fences that control where people should walk, to imposing concrete and masonry barriers designed to withstand the blast of a car bomb
Walls, fencing and gates
requires expert planning to ensure that it fulfills the security goals and that it presents an image appropriate to the organizations
Walls, fencing and gates: Exterior perimeter control
controls are static and are therefore unresponsive to actions unless they are programmed to respond with specific actions to specific stimuli, such as opening for someone who has the correct key
Fences and walls with gates
can evaluate each situation as it arises and make reasoned responses
Guards
SOPs
standard operating procedures
have clear SOPs that help them to act decisively in unfamiliar situations
Guards
can be a valuable part of physical security if they are integrated into the plan and managed properly
Dogs
are useful because of their keen sense of smell and hearing can detect intrusions that human guard cannot, and they can be placed in harms way when necessary to avoid risking the life of a person
Dogs
ID card (meaning)
identification card
typically concealed
ID card
visible
name badge
serve as simple forms of biometrics; may be visually coded to specify which buildings or areas may be accessed
ID cards and badges
have a magnetic strip or radio chip that can be read by automated control devices allow an organization to restrict access to sensitive areas within the facility.
ID cards
are not foolproof, and can be easily duplicated, stolen, or modified.
ID cards and name badges
occurs when an authorized person presents a key to open a door, and other people, who may or may not be authorized, also enter
Tailgating
two types of lock mechanisms
M /echanical
E /lectromechanical
may rely on a key that is a carefully shaped piece of metal, which is rotated to turn tumblers that release secured loops of steel, aluminum, or brass (as in, for example, brass padlocks).
Mechanical Lock
alternatively, may have a dial that rotates slotted discs until the slots on multiple disks are aligned, and then retracts a securing bolt (as in combination and safe locks).
Mechanical Lock
can accept a variety of inputs as keys, including magnetic strips on ID cards, radio signals from name badges, personal identification numbers (PINs) typed into a keypad, or some combination of these to activate the locking mechanism.
Electromechanical Lock
PINs (meaning)
personal identification numbers
input keys of electromechanical locks (3)
m /agnetic strips (ID cards)
r /adio signals (name badges)
P /INs (typed in keypads)
lock categories based on the triggering process (4)
M /anual
P /rogrammable
E /lectronic
B /iometric
are commonplace and well understood. If you have the key (or combination) you can open the lock. These locks are often preset by the manufacturer and therefore unchangeable
Manual Locks
can be integrated into alarm systems and combined with other building management systems. Also, these locks can be integrated with sensors to create various combinations of locking behavior. One such combination is a system that coordinates the use of fire alarms and locks to improve safety during alarm conditions (i.e., fires).
Electronic locks
A common enhancement for locks in high security areas
Mantraps
small enclosure that has separate entry and exit points.
Mantrap
To gain access to the facility, area, or room, a when a person, requests access via some form of electronic or biometric lock and key, and if confirmed, exits the mantrap into the facility. Otherwise the person cannot leave the mantrap until a security official overrides the enclosure’s automatic locks.
Mantrap
can be used to record events within a specific area that guards and dogs might miss, or in areas where other types of physical controls are not practical.
Electronic Monitoring
CCT (meaning)
closed-circuit television
notify people or systems when a predetermined event or activity occurs.
Alarms and Alarm Systems
can detect a physical intrusion or other untoward event. This could be a fire, a break-in, an environmental disturbance such as flooding, or an interruption in services such as a loss of power.
Alarms
commonly found in residential and commercial environments, detect intrusions into unauthorized areas and notify either a local or remote security agency to react.
Burglar Alarm
sensors that alarms and alarm systems needed: (5)
M /otion Detectors T /hermal Detectors G /lass Breakage Detectors W /eight Sensors C /ontact Sensors
require special attention to ensure the confidentiality, integrity, and availability of information.
Computer Rooms and Wiring Closets
For an outline of the physical and environmental controls needed for computer rooms read the Technical Box entitled:
“Physical and Environmental Controls for Computer Rooms.”
types of walls in a facility (2)
S /tandard Interior
F /irewalls
walls that limit the spread of damage should a fire break out in an office.
Firewalls
isolate the logical subnetworks of the organization
Network firewalls
isolate the physical spaces of the organization’s offices.
Physical firewalls