Physical Security Design Flashcards
What are Physical Access Controls generally intended to do? (QTY 6)
1) Deter potential Intruders
2) Distinguish authorized from unauthorized people
3) Delay, frustrate, and prevent intrusion attempts
4) Detect intrusions and monitor intruders
5) Trigger appropriate response
6) Deny by opposing or negating the effects of a covert or overt action.
What are the three ways an adversary can attack a site?
1) From Inside (Intrusion)
2) From Outside (badaboom, chemical, weapons, biological, radioactive)
3) A combination of both (collusion)
What are the three elements of a PPS? What three measures can implementations of the elements be divided into?
Elements:
1) Architectural
2) Operational
3) Security Systems
Measures:
1) Preventive
2) Corrective (reduce effects of an attack and restore facility to normal operations)
3) Detective
What are the three steps for identifying preventive measures?
1) Determine and evaluate significant threats or hazards and exposure, and estimate the likelihood of occurrence. Determine critical control points and risks at those points.
2) Develop and implement preventive controls to reduce threats and hazards.
3) Develop written security monitoring procedures for each critical control point.
What is a critical control point?
The point where a countermeasure can be applied to reduce the risk.
What is the high level cost breakdown for a PPS project?
10-15% Design and Engineering
15-20% Hardware and Software
40-50% Installation
3-5% Training
10% Contingency
Does Technology replace manpower?
No, it is a force multiplier.
What are the three types of coaxial cabling?
RG-6 (Less than 750ft/228.6m)
RG-11 (750ft/228.6m to 1500ft/457.2m)
RG-59 (1500ft/457.2m to 2500ft/762m)
For longer go fibre
What are the goals of a lightning protection system?
1) Limit step or contact voltage and induced voltage
2) Limit fire propagation
3) Reduce the effect of surges on sensitive equipment
What is the difference between Vertical/Riser cabling and Horizontal cabling?
Vertical/Riser cabling connects rooms on different floors.
Horizontal cabling connects to individual outlets on the same floor.
What are the advantages of EoC?
1) Reduced labour cost (no new cable pulling)
2) Extended cable distance.
3) Less network hardware needed.
4) No need to PoE inserters.
5) Transparency to the network (no network setup is required)
6) Flexible sitting (indoors and outdoors cameras)
What are the four IT access/permission levels?
1) A person with general responsibility and may be expected to investigate and initially respond to a security alarm or trouble signal.
2) Specific security responsibility and is trained to operate the system.
3) For persons trained and authorized to: reconfigure site specific data within the system.
4) Persons who are trained to repair or alter site specific data that changes the mode of operations.
What is a critical detection point?
The point where delay time exceeds the response force time.
What is the difference between point and area security?
Area security is when the perimeter and entry’s have a high level of security.
Point security is when the perimeter is loosely controlled and only specific areas or zones, such as a building envelop, have a high level of security.
What is the difference between critical and supportive assets?
Critical-necessary for continuation of business continuity.
Supportive assets: not critical, but support critical process
