Physical Security Flashcards
What can be done locally to secure switches and routers? (Choose two.)
Cable lock.
Use SSH instead of Telnet.
Set a console port password.
Disable unused ports.
Set a console port password.
Disable unused ports.
A console port enables a local user to plug a cable into the router or switch to administer the device locally, so a strong password is recommended. Disabling unused switch ports and router interfaces prevents unauthorized people from gaining access to the device or the network
Which of the following would not be a physical security concern?
USB flash drive
Workstation
USB mouse
USB mouse
A Universal Serial Bus (USB) mouse does not store data and does not grant access to data, so it is not a security concern
You are configuring an uninterruptible power supply (UPS) for your three servers such that in the event of a power failure, the servers will shut down gracefully. Which term best describes this configuration?
Fail-open
Fail-safe
False positive
Fail-safe
Fail-safe is a term meaning a response to a failure will result in the least amount of damage. For example, during a power outage, servers connected to the uninterruptible power supply (UPS) will have enough power to shut down properly
In the event of a physical security breach, what can you do to secure data in your server room? (Choose three.)
Install a UPS.
Use TPM.
Prevent booting from removal devices.
Lock the server chassis.
Use TPM.
Prevent booting from removal devices.
Lock the server chassis.
A Trusted Platform Module (TPM) is a chip used with hard disk encryption. Data on disks taken from one TPM system and placed in another TPM or non-TPM machine will not be accessible. Preventing removable media boot is critical, because many free tools can reset administrative passwords this way. Physically locking the server chassis further deters an intruder from stealing physical hard disks
What can limit the data emanation from electromagnetic radio frequencies?
Faraday cage
Antistatic wrist strap
ESD mat
Faraday cage
Data emanation results from the electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data. Faraday cages enclose electronic equipment to prevent data emanation or to protect components from external static charges
How can security guards verify whether somebody is authorized to access a facility? (Choose two.)
Employee ID badge
Username and password
Access list
Smart card
Employee ID badge
Access list
An employee ID badge enables physical verification that somebody is allowed to access a building. An access list defines who is allowed to access a facility
Which of the following is the first step in preventing physical security breaches?
Firewall
IDS
Perimeter fencing and gates
Perimeter fencing and gates
The first step in physical security involves perimeter fencing and gates to prevent intruders from getting on the property
While reviewing facility entry points, you decide to replace existing doors with ones that will stay locked during power outages. Which term best describes this feature?
Fail-secure
Fault-tolerant
Fail-safe
Fail-secure
Fail-secure systems ensure that a component failure (such as a power source) will not compromise security; in this case, the doors will stay locked
What advantages do human security guards have over video camera surveillance systems? (Choose two.)
Human security guards have more detailed memory than saved video surveillance.
Human security guards can notice abnormal circumstances.
Human security guards can detect smells.
Human security guards can recall sounds more accurately than saved video surveillance.
Human security guards can notice abnormal circumstances.
Human security guards can detect smells.
Video surveillance systems cannot detect smells or notice anything out of the ordinary, as a human security guard could
A data center IT director requires the ability to analyze facility physical security breaches after they have occurred. Which of the following present the best solutions? (Choose two.)
Motion sensor logs
Laser security system
Mantrap
Software video surveillance system
Motion sensor logs
Software video surveillance system
Motion sensor logs can track a perpetrator’s position more accurately than most video systems; however, software video surveillance can be played back and used to physically identify unauthorized people. To conserve disk space, most solutions record only when there is motion
Which of the following physical access control methods do not normally identify who has entered a secure area? (Choose two.)
Mantrap
Hardware locks
Fingerprint scan
Smart card
Mantrap
Hardware locks
Mantraps are designed to trap trespassers in a restricted area. Some mantrap variations use two sets of doors, one of which must close before the second one opens. Traditional mantraps do not require access cards. Hardware locks simply require possession of a key, although proper physical key management is necessary to track key issuance and return. Neither reveals the person’s identity
You would like to minimize disruption to your IT infrastructure. Which of the following environmental factors should you monitor? (Choose three.)
Air flow
Tape backups
Server hard disk encryption
Humidity
Power
Air flow
Humidity
Power
Enterprise-class environmental monitoring solutions track a variety of items such as air flow, humidity, and power availability. Any of these variables could create unfavorable conditions in a server room resulting in server downtime
Your company has moved to a new location where a server room is being built. The server room currently has a water sprinkler system in case of fire. Regarding fire suppression, what should you suggest?
Keep the existing water sprinkler system.
Purchase a smoke detection waterless fire suppression system.
Place a fire extinguisher in the server room.
Purchase a smoke detection waterless fire suppression system.
Assuming local building codes allow, you should suggest waterless fire suppression systems, because they will not damage or corrode computer systems or components like water will
A data center administrator uses thermal imaging to identify hot spots in a large data center. She then arranges rows of rack-mounted servers such that cool air is directed to server fan inlets and hot air is exhausted out of the building. Which of the following terms best define this scenario?
HVAC
Form factoring
Hot and cold aisles
Hot and cold aisles
Hot and cold aisles are an important consideration in data center cooling. Equipment layout and raised floors to distribute cold air are a few examples of the specifics involved
Which access control method electronically logs entry into a facility?
Picture ID card
Security guard and log book
Proximity card
Proximity card
Proximity cards must be positioned within a few inches of the reader to register the card number and either allow or deny access to a facility. All access is logged electronically without the need of a physical log book or security guard