Physical security - Garima's Deck Flashcards
What are the primary functions of a PPS?
Detection, Delay and Response
What is a defence in depth approach?
An adversary must avoid or defeat a number of protective devices or features in sequence.
What is the purpose of the design concept?
The design concept incorporates the basis of design; documents its findings, conclusions and recommendations from any initial survey, and is the first opportunity to document the project’s design.
What approach generally yields the most effective design solution a problem?
Systems approach
What is Risk Management?
Risk Management is coordinated activities to direct and control an organization with regard to risk.
What does Risk Management rely on?
Risk Management relies on risk assessment, which in turn relies on vulnerability assessment.
What does Risk Assessment rely on?
Vulnerability Assessment
What are the classes in which adversaries can be classified?
Outsiders, Insiders, and outsiders in collusion with insiders.
What are the four estimates of likelihood of attack?
Frequency estimate, possibility estimate, qualitative estimate, conditional estimate
What type of estimate of likelihood of attack ranks the attack possibility of an event?
Qualitative estimate
A well designed and integrated PPS is more effective against ____________ (fill in the blanks)
low level threats than high high level threats.
A well designed and integrated PPS is more effective against ____________ (fill in the blanks)
low level threats than high high level threats.
If a PPS is not meeting its goals and objectives it is time to begin
Part II of the PPS system - the design phase.
Which is the most difficult security measure to quantify
deterrance
Why is detection, in itself, worth little?
Potential for false positive is directly related to the sensitivity of the PPS
An effective physical security strategy employs seven basic functions in an orchestrated and tailored manner.
- Access Control
- Deterrence
- Detection
- Assessment
- Delay
- Response
- Evidence
What are the three formats of barriers?
Structural components, electrical components, and human components
What type of lock should be used if there are windows on either side of the door?
A double cylinder keyed deadbolt
Mention types of physical security mesures?
Barriers, fencing, bollards, terrain, locks, design architecture and engineering, CPTED, landscaping, lighting, and glass treatment
Mention types of electronic security measures
Surveillance, access control, intrusion detection systems, communications
What purposes does an incident management system serves?
guiding a response to an incident in real time
supporting post-incident analysis and recurrence reduction
informing the planning process for physical security upgrades or program modifications
assessing the effects of facility design and layout on incident prevention and response
comparing incident characteristics in similar facilities based on physical security traits.
What should the methodology employed in physical security assessments examine?
general and specific threats, vulnerabilities, asset criticality, potential consequences, likelihood, severity, and velocity
The physical security assessment/security survey is one tool to specifically address
the security risk to physical (tangible) assets.
A risk assessment lays more stress on vulnerabilities or a security survey?
Security survey. Whereas a comprehensive risk assessment focuses equally on assets, threats, vulnerabilities, and consequences, a security survey places more emphasis on vulnerabilities
What are the factors to consider when addressing vulnerabilities?
lack of redundancy or backups for critical functions or systems
single points of failure
collocation of critical systems, organizations, or components
inadequate response capability to recover from an attack
ease of aggressor access to a facility
inadequate security measures in place
presence of hazardous materials
potential for collateral damage from other companies in the area
When conducting a security survey, which of the following should be a focus of the assessment? Assets, vulnerabilities, threats, or, consequences
vulnerabilities
In a security survey, what helps to ensure that the key elements are not overlooked?
Checklist
One thinks like an adversary in which type of physical security assessment methodology?
Outside Inward Methodology
In which physical security assessment methodology does the assessment team takes the role of the “defender”?
Inside Outside Methodology
This approach addresses each security function or discipline individually and then collates the findings from the assessment components. Which approach is this?
Function (Security Discipline) Methodology
Why should the software not be relied on as the sole element in conducting a physical security assessment?
Some automated risk analysis tools are in general ineffective in dealing with intangible factors and information that is difficult to quantify.
What are the three steps of gap analysis?
- What is 2. What should be 3. What to consider
What are the basic factors of security design?
governing codes and regulations
protection requirements
company standards and guidelines
type of construction
site layout
material selection
utilities
life safety
infrastructure
This process requires consideration of the threat type, tactics, mode of operations, capabilities, threat level, and likelihood of occurrence. Threats come from malevolent humans, not accidental (safety-related) events. This process is BEST defined as which of the following?
1. Loss event profiles
2. Adversarial Sequence Diagram
3. Design basis threat
4. Threat Risk Assessment
Design basis threat
Which lights best support color CCTV?
metal halide lights best support color CCTV because it emits a white type of light
___________gives off a yellowish light
high-pressure sodium lights give off a yellowish light
What are some delay tactics (wrt building access)?
Serpentine drives and parking standoff
What is a physically effective and cost effective approach (design solution) wrt building access?
serpentine pattern barriers in front of retractable bollards.