Physical Security Flashcards
Objectives 1.2 and 2.4
Define / Explain
Physical Security
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
Measures to protect tangible assets (buildings, equipment, people) from harm or unauthorized access
Physical Security
Define / Explain
Define / Explain
Bollards
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
Short, sturdy vertical posts controlling or preventing vehicle access
Physical Security
Define / Explain
Define / Explain
Fences
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
Barriers made of posts and wire or boards to enclose or separate areas
Physical Security
Define / Explain
Informational
Bruce Force Attacks
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
- Forcible entry
- Tampering with security devices
- Confronting security personnel
- Ramming a barrier with a vehicle
Physical Security
Informational
Define / Explain
Surveillance Systems
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
An organized strategy to observe and report activities
Physical Security
Define / Explain
Informational
Surveillance Systems Components
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
- Video surveillance
- Security guards
- Lighting
- Sensors
Physical Security
Informational
Define / Explain
Access Control Vestibules
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
- Double-door system electronically controlled to allow only one door to open at a time
- Prevents piggybacking and tailgating
Physical Security
Define / Explain
Informational / List
Door Locks
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
- Padlocks
- Pin and tumbler locks
- Numeric locks
- Wireless locks
- Biometric locks
- Cipher locks
- Electronic access control systems
Physical Security
Informational / List
Define / Explain
Access Badges
Physical Security
Obj. 1.2 - Summarize fundamental security concepts
Obj. 2.4 - Analyze indicators of malicious activity
Use of Radio Frequency Identification (RFID) or Near Field Communication (NFC) for access
Physical Security
Define / Explain
Define / Explain
Fence
Fencing and Bollards
Obj. 1.2 - Summarize fundamental security concepts
- Structure that encloses an area using interconnected panels or posts
- Provides a visual deterrent by defining a boundary that should not be violated by unauthorized personnel
- Establish a physical barrier against unauthorized entry
- Effectively delay intruders which helps provide our security personnel a longer window of time to react
Fencing and Bollards
Define / Explain
Informational
Fencing…
Fencing and Bollards
Obj. 1.2 - Summarize fundamental security concepts
is considered to be more adaptable and well-suited for safeguarding large perimeters around the entire building
Fencing and Bollards
Informational
Define / Explain
Bollards
Fencing and Bollards
Obj. 1.2 - Summarize fundamental security concepts
Robust, short vertical posts, typically made of steel or concrete, that are designed to manage or redirect vehicular traffic
Fencing and Bollards
Define / Explain
Informational
Bollards…
Fencing and Bollards
Obj. 1.2 - Summarize fundamental security concepts
are designed to counter vehicular threats in a specific area
Fencing and Bollards
Informational
Define / Explain
Brute Force
Attacking with Brute Force
Obj. 2.4 - Analyze indicators of malicious activity
Type of attack where access to a system is gained by simply trying all of the possibilities until you break through
Attacking with Brute Force
Define / Explain
Informational / List
Forcible Entry
Attacking with Brute Force
Obj. 2.4 - Analyze indicators of malicious activity
- Act of gaining unauthorized access to a space by physically breaking or bypassing its barriers, such as windows, doors, or fences
- Use high-strength doors with deadbolt locks, metal frames, or a solid core
Attacking with Brute Force
Informational / List
Informational / List
Tampering with security devices
Attacking with Brute Force
Obj. 2.4 - Analyze indicators of malicious activity
- Involves manipulating security devices to create new vulernabilities that can be exploited
- To protect against tampering with security devices, have redundancy in physical security measures
Attacking with Brute Force
Informational / List
Informational / List
Confronting security personnel
Attacking with Brute Force
Obj. 2.4 - Analyze indicators of malicious activity
- Involves the direct confrontation or attack of your organization’s security personnel
- Security personnel should undergo rigorous conflict resolution and self-defense training to mitigate risks
Attacking with Brute Force
Informational / List
Informational / List
Ramming barriers with vehicles
Attacking with Brute Force
Obj. 2.4 - Analyze indicators of malicious activity
- Uses a car, truck, or other motorized vehicle to ram into the organization’s physical security barriers, such as a fence, a gate, or even the side of your building
- Install bollards or reinforced barriers to prevent vehicles from driving in your facilities
Attacking with Brute Force
Informational / List
Define / Explain
Surveillance System
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Organized strategy or setup designed to observe and report activities in a given area
Surveillance Systems
Define / Explain
Informational
Surveillance is often comprised of four main categories…
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Video Surveillance
- Security Guards
- Lighting
- Sensors
Surveillance Systems
Informational
Informational
Video Surveillance can include the following…
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Motion detection
- Night vision
- Facial recognition
Surveillance Systems
Informational
Informational
Video Surveillance provides…
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Remote access
- Real-time visual feedback
- A wired solution security camera with a physical cable from the device back to the central monitoring station
- A wireless solution which relies on Wi-Fi to send its signal back to the central monitoring station
Surveillance Systems
Informational
Define / Explain
Pan-Tilt-Zoom (PTZ) System
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Can move the camera or its angle to better detect issues during an intrustion
Surveillance Systems
Define / Explain
Informational
Best places to have cameras…
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Data center
- Telecommunications closets
- Entrance or exit areas
Surveillance Systems
Informational
Informational
Security Guards
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Flexible and adaptable forms of surveillance that organizations use
- Helps to reassure your staff or your customers that they are safe
Surveillance Systems
Informational
Informational
Lighting
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Proper lighting is crucial for conducting effective surveillance using both video and security guards
- If you create well-lit areas, this can deter criminals, reduce shadows and hiding spots, and enhance the quality of your video recordings
Surveillance Systems
Informational
Define / Explain
Sensors
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Devices that detect and respond to external stimuli or changes in the environment
Surveillance Systems
Define / Explain
Informational
There are four categories of sensors…
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
- Infared Sensors
- Pressure Sensors
- Microwave Sensors
- Ultrasonic Sensors
Surveillance Systems
Informational
Define / Explain
Infared Sensors
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Detect changes in infared radiation that is often emitted by warm bodies like humans or animals
Surveillance Systems
Define / Explain
Define / Explain
Pressure Sensors
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Activated whenever a specified minimum amount of weight is detected on the sensor that is embedded into the floor or a mat
Surveillance Systems
Define / Explain
Define / Explain
Microwave Sensors
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Detect movement in an area by emitting microwave pulses and measuring their reflection off moving objects
Surveillance Systems
Define / Explain
Define / Explain
Ultrasonic Sensors
Surveillance Systems
Obj. 1.2 - Summarize fundamental security concepts
Measures the reflection of ultrasonic waves off moving objects
Surveillance Systems
Define / Explain
Informational
Different methods used by attackers to bypass surveillance systems…
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
- Visual Obstruction
- Blinding Sensors and Cameras
- Interfering with Acoustics
- Interfering with Electromagnetic (EMI)
- Attacking the Physical Environment
Bypassing Surveillance Systems
Informational
Define / Explain
Visual Obstruction
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
Blocking the camera’s line of sight
Bypassing Surveillance Systems
Define / Explain
Informational
Visual Obstruction can involve the following…
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
- Spraying paint or foam onto the camera lens
- Placing a sticker or tape over the lens
- Positioning objects like balloons or umbrellas in front of the camera to block its view
Bypassing Surveillance Systems
Informational
Define / Explain
Blinding Sensors and Cameras
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
Involves overwhelming the sensor or camera with a sudden burst of light to render it ineffective for a limited period of time
Bypassing Surveillance Systems
Define / Explain
Define / Explain
Interfering with Acoustics
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
- Acoustic systems are designed to listen to the environment to detect if someone is in the area or to eavesdrop on their conversations
- Jamming or playing loud music to disrupt the microphone’s functionality
Bypassing Surveillance Systems
Define / Explain
Define / Explain
Electromagnetic Interference
(EMI)
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
Involves jamming the signals that surveillance system relies on to monitor the environment
Bypassing Surveillance Systems
Define / Explain
Define / Explain
Attacking the Physical Environment
Bypassing Surveillance Systems
Obj. 2.4 - Analyze indicators of malicious activity
Exploit the environment around the surveillance equipment to compromise their functionality
Bypassing Surveillance Systems
Define / Explain
Define / Explain
Access Control Vestibules
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
Double-door system that is designed with two doors that are electronically controlled to ensure that only one door can be open at a given time
Access Control Vestibules
Define / Explain
Define / Explain
Piggybacking
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
Involves two people working together with one person who has legitimate access intentionally allows another person who doesn’t have proper authorization to enter a secure area with them
Access Control Vestibules
Define / Explain
Define / Explain
Tailgating
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
Occurs whenever an unauthorized person closely follows someone through the access control vestibule who has legitimate access into the secure space without their knowledge or consent
Access Control Vestibules
Define / Explain
Informational
Piggybacking
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
Piggybacking uses social engineering to gain consent of the person with legitimate access
Access Control Vestibules
Informational
Informational
Tailgating
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
Tailgating doesn’t use or obtain the consent of the person with legitimate access
Access Control Vestibules
Informational
Informational
Access control vestibules…
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
are usually integrated with electronic badges and operated by a security guard at the entrance to a secure facility or office building
Access Control Vestibules
Informational
Define / Explain
Badges contain…
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
- Radio-Frequency Identification (RFID)
- Near-field Communication (NFC)
- Magnetic strips
Access Control Vestibules
Define / Explain
Informational
Security guards are often at access control vestibules because they provide…
Access Control Vestibules
Obj. 1.2 - Summarize fundamental security concepts
- Visual deterrent
- Assistance
- Check identity
- Response
Access Control Vestibules
Informational
Define / Explain
Door Locks
Door Locks
Obj. 1.2 - Summarize fundamental security concepts
Critical physical security control measure designed to restrict and regulate access to specific spaces or properties, preventing unauthorized intrusions and safeguarding sensitive data and individuals
Door Locks
Define / Explain
List
Types of Door Locks
Door Locks
Obj. 1.2 - Summarize fundamental security concepts
- Traditional Padlocks
- Basic Door Locks
- Modern Electronic Door Locks
- Cipher Locks
Door Locks
List
Define / Explain
Traditional Padlocks
Door Locks
Obj. 1.2 - Summarize fundamental security concepts
Easily defeated and offer minimal protection
Door Locks
Define / Explain
Define / Explain
Basic Door Locks
Door Locks
Obj. 1.2 - Summarize fundamental security concepts
Vulnerable to simple techniques like lock picking
Door Locks
Define / Explain
List
Modern Electronic Door Locks
Door Locks - Authentication Methods
Obj. 1.2 - Summarize fundamental security concepts
- Identification Numbers
- Wireless Signals
- Biometrics
Door Locks - Authentication Methods
List
Define / Explain
Identification Numbers
Door Locks - Modern Electronic Door Locks, Authentication Methods
Obj. 1.2 - Summarize fundamental security concepts
Require entry of a unique code, providing a balance of security and convenience
Door Locks - Modern Electronic Door Locks, Authentication Methods
Define / Explain
Define / Explain
Wireless Signals
Door Locks - Modern Electronic Door Locks, Authentication Methods
Obj. 1.2 - Summarize fundamental security concepts
Utilize technologies like NFC, Wi-Fi, Bluetooth, or RFID for unlocking
Door Locks - Modern Electronic Door Locks, Authentication Methods
Define / Explain
Define / Explain
Biometrics
Door Locks - Modern Electronic Door Locks, Authentication Methods
Obj. 1.2 - Summarize fundamental security concepts
Rely on physical characteristics like fingerprints, retinal scans, or facial recognition for authentication
Door Locks - Modern Electronic Door Locks, Authentication Methods
Define / Explain
Define / Explain
False Acceptance Rate
(FAR)
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Obj. 1.2 - Summarize fundamental security concepts
- Occurs when the system erroneously authenticates an unauthorized user
- Lower FAR by increasing scanner sensitivity
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Define / Explain
Define / Explain
False Rejection Rate
(FRR)
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Obj. 1.2 - Summarize fundamental security concepts
- Denies access to an unauthorized user
- Increasing sensitivity can increase FRR
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Define / Explain
Define / Explain
Crossover Error Rate (CER)
Equal Error Rate (EER)
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Obj. 1.2 - Summarize fundamental security concepts
A balance between FAR and FRR for optimal authentication effectiveness
Door Locks - Modern Electronic Door Locks, Biometric Challenges
Define / Explain
Define / Explain
Cipher Locks
Door Locks
Obj. 1.2 - Summarize fundamental security concepts
- Mechanical locks with numbered push buttons, requiring a correct combination to open
- Commonly used in high-security areas like server rooms
Door Locks
Define / Explain
Define / Explain / List
What are two popular technologies used in various applications for contactless authentication?
Access Badge Cloning
Obj. 2.4 - Analyze indicators of malicious activity
Radio Frequency Identification (RFID)
Near Field Communication (NFC)
Access Badge Cloning
Define / Expain / List
Define / Explain
Access Badge Cloning
Access Badge Cloning
Obj. 2.4 - Analyze indicators of malicious activity
Copying the data from an RFID or NFC card or badge onto another card or device
Access Badge Cloning
Define / Explain
List
How does an attacker clone an access badge?
Access Badge Cloning
Obj. 2.4 - Analyze indicators of malicious activity
- Step 1: Scanning
- Step 2: Data Extraction
- Step 3: Writing to a new card or device
- Step 4: Using the cloned access badge
Access Badge Cloning
List
Define / Explain
Step 1: Scanning
Access Badge Cloning - How does an attacker clone an access badge?
Obj. 2.4 - Analyze indicators of malicious activity
Scanning or reading the targeted individual’s access badge
Access Badge Cloning - How does an attacker clone an access badge?
Define / Explain
Define / Explain
Step 2: Data Extraction
Access Badge Cloning - How does an attacker clone an access badge?
Obj. 2.4 - Analyze indicators of malicious activity
Attackers extract the relevant authentication credentials from the card, such as a unique identifier or a set of encrypted data
Access Badge Cloning - How does an attacker clone an access badge?
Define / Explain
Define / Explain
Step 3: Writing to a new card or device
Access Badge Cloning - How does an attacker clone an access badge?
Obj. 2.4 - Analyze indicators of malicious activity
Attacker transfers the extracted data onto a blank RFID or NFC card or another compatible device
Access Badge Cloning - How does an attacker clone an access badge?
Define / Explain
Define / Explain
Step 4: Using the cloned access badge
Access Badge Cloning - How does an attacker clone an access badge?
Obj. 2.4 - Analyze indicators of malicious activity
Attackers gain unauthorized access to buildings, computer systems, or even make payments using a cloned NFC-enabled credit card
Access Badge Cloning - How does an attacker clone an access badge?
Define / Explain
Informational / List
Access badge cloning is common because of its…
Access Badge Cloning
Obj. 2.4 - Analyze indicators of malicious activity
- Ease of execution
- Ability to be stealthy when conducting the attack
- Potentially widespread use in compromising physical security
Access Badge Cloning
Informational / List
Informational / List
How can you stop access badge cloning?
Access Badge Cloning
Obj. 2.4 - Analyze indicators of malicious activity
- Implement advanced encryption in your card-based authentication systems
- Implement Multi-Factor Authentication (MFA)
- Regularly update your security protocols
- Educate your users
- Implement the use of shielded wallets or sleeves with your RFID access badges
- Monitor and audit your access logs
Access Badge Cloning
Informational / List
