Physical security controls Flashcards
What is industrial camouflage?
Concealing an important facility like a datacenter in plain sight, by making it just look like a normal building, not putting any kind of branding on it, etc.
What are cable locks?
A way of temporarily securing a device to prevent it from being stolen.
Allows you to connect your hardware to something solid with a cable.
What is a USB data blocker?
A USB data blocker is an adapter that allows you to plug in a USB device for charging into an unfamiliar USB interface, without any concerns about it taking data as well, avoiding “juice jacking”
What is a faraday cage?
A mesh of conductive material that blocks/cancels the electromagnetic field’s effect happening on the interior.
Like the window of a microwave oven.
Not all signal types will be blocked though.
Also this can restrict access to mobile networks, so its important to have something in place for if an emergency phone call needed to be made.
What is a screened subnet?
Formerly known as a demilitarized zone (DMZ)
This is an additional layer of security between the internet and you, achieved by using a firewall.
The public will still be able to access their public resources, but your internal network will be inaccessible this way.
What is a PDS or protected distribution system?
In some very secure facilities you may need a way to physically secure your entire infrastructure.
This means that all of your cables and fibers will be protected with the use of metal conduits.
This is meant to prevent people from gaining physical access to cables and fibers to cut them (DoS) or to place a tap.
It is important to check on these periodically.
What is an Air gap?
An air gap is a separation between networks at a physical level.
Completely separating networks from each other to make it so no type of movement from other systems to the airgapped system would be possible
What are hot and cold aisles?
Data centers generate a lot of heat from all of the equipment used.
Hot and cold aisles are a way of conserving energy and lowering costs by optimizing your cooling strategy.
Typically this would include alternating hot aisles and cold aisles at a datacenter, cold aisles would have cold air coming through and then being fed into the equipment, this would generate heat that was pushed into the hot aisle, which would then be sucked out and cooled down, and recycled back through to a cold aisle.
What is the difference between purging data and wiping data?
Purging data would entail deleting only some of it from an existing storage device.
Wiping data would entail completely removing all data from a device to a point it could never be restored, but usually with the intention of reusing the device. so you don’t want to destroy it. A wipe usually overwrites data storage locations at least once, but it is common for it to be done multiple times.
in regards to data destruction what is DBAN and what is it used for?
Darik’s boot and nuke(DBAN) is used for wiping an entire drive
What is Sdelete on windows?
Sdelete is a way of doing file level overwriting for the purpose of data destruction, So that individual files can never be recovered.
It is available from Windows Sysinternals
