Physical security - Garima's Deck Flashcards
What are the primary functions of a PPS?
Detection, Delay and Response
What is a defence in depth approach?
An adversary must avoid or defeat a number of protective devices or features in sequence.
What is the purpose of the design concept?
The design concept incorporates the basis of design; documents its findings, conclusions and recommendations from any initial survey, and is the first opportunity to document the project’s design.
What approach generally yields the most effective design solution a problem?
Systems approach
What is Risk Management?
Risk Management is coordinated activities to direct and control an organization with regard to risk.
What does Risk Management rely on?
Risk Management relies on risk assessment, which in turn relies on vulnerability assessment.
What does Risk Assessment rely on?
Vulnerability Assessment
What are the classes in which adversaries can be classified?
Outsiders, Insiders, and outsiders in collusion with insiders.
What are the four estimates of likelihood of attack?
Frequency estimate, possibility estimate, qualitative estimate, conditional estimate
What type of estimate of likelihood of attack ranks the attack possibility of an event?
Qualitative estimate
A well designed and integrated PPS is more effective against ____________ (fill in the blanks)
low level threats than high high level threats.
A well designed and integrated PPS is more effective against ____________ (fill in the blanks)
low level threats than high high level threats.
If a PPS is not meeting its goals and objectives it is time to begin
Part II of the PPS system - the design phase.
Which is the most difficult security measure to quantify
deterrance
Why is detection, in itself, worth little?
Potential for false positive is directly related to the sensitivity of the PPS
An effective physical security strategy employs seven basic functions in an orchestrated and tailored manner.
- Access Control
- Deterrence
- Detection
- Assessment
- Delay
- Response
- Evidence
What are the three formats of barriers?
Structural components, electrical components, and human components
What type of lock should be used if there are windows on either side of the door?
A double cylinder keyed deadbolt
Mention types of physical security mesures?
Barriers, fencing, bollards, terrain, locks, design architecture and engineering, CPTED, landscaping, lighting, and glass treatment
Mention types of electronic security measures
Surveillance, access control, intrusion detection systems, communications
What purposes does an incident management system serves?
guiding a response to an incident in real time
supporting post-incident analysis and recurrence reduction
informing the planning process for physical security upgrades or program modifications
assessing the effects of facility design and layout on incident prevention and response
comparing incident characteristics in similar facilities based on physical security traits.
What should the methodology employed in physical security assessments examine?
general and specific threats, vulnerabilities, asset criticality, potential consequences, likelihood, severity, and velocity
The physical security assessment/security survey is one tool to specifically address
the security risk to physical (tangible) assets.
A risk assessment lays more stress on vulnerabilities or a security survey?
Security survey. Whereas a comprehensive risk assessment focuses equally on assets, threats, vulnerabilities, and consequences, a security survey places more emphasis on vulnerabilities
What are the factors to consider when addressing vulnerabilities?
lack of redundancy or backups for critical functions or systems
single points of failure
collocation of critical systems, organizations, or components
inadequate response capability to recover from an attack
ease of aggressor access to a facility
inadequate security measures in place
presence of hazardous materials
potential for collateral damage from other companies in the area
When conducting a security survey, which of the following should be a focus of the assessment? Assets, vulnerabilities, threats, or, consequences
vulnerabilities
In a security survey, what helps to ensure that the key elements are not overlooked?
Checklist
One thinks like an adversary in which type of physical security assessment methodology?
Outside Inward Methodology
In which physical security assessment methodology does the assessment team takes the role of the “defender”?
Inside Outside Methodology
This approach addresses each security function or discipline individually and then collates the findings from the assessment components. Which approach is this?
Function (Security Discipline) Methodology
Why should the software not be relied on as the sole element in conducting a physical security assessment?
Some automated risk analysis tools are in general ineffective in dealing with intangible factors and information that is difficult to quantify.
What are the three steps of gap analysis?
- What is 2. What should be 3. What to consider
What are the basic factors of security design?
governing codes and regulations
protection requirements
company standards and guidelines
type of construction
site layout
material selection
utilities
life safety
infrastructure
This process requires consideration of the threat type, tactics, mode of operations, capabilities, threat level, and likelihood of occurrence. Threats come from malevolent humans, not accidental (safety-related) events. This process is BEST defined as which of the following?
1. Loss event profiles
2. Adversarial Sequence Diagram
3. Design basis threat
4. Threat Risk Assessment
Design basis threat
Which lights best support color CCTV?
metal halide lights best support color CCTV because it emits a white type of light
___________gives off a yellowish light
high-pressure sodium lights give off a yellowish light
What are some delay tactics (wrt building access)?
Serpentine drives and parking standoff
What is a physically effective and cost effective approach (design solution) wrt building access?
serpentine pattern barriers in front of retractable bollards.
Which is the preferred glass type for mitigating blast forces?
Laminated glass
What does it mean to be fail safe?
Automatic release of locks
Glow in dark signage is an example of
wayfinding measure
In the design of a new high-rise structure and considering life safety aspects of the building, which should rank as a first priority?
CPTED principles in the building design
Controlled access and surveillance for legitimate users
Fire detection, confinement, extinguishment, evacuation, and, escape
Adversary deterrence, detection, delay, deny, and, defence
Fire detection, confinement, extinguishment, evacuation and escape
What are the three underlying elements of CPTED?
Territoriality (Natural)
Surveillance (Organizational)
Access Control (Mechanical)
The property owners in a 20-unit townhouse complex implemented signage and designed the landscaping to deter unwanted activity and trespassing. They also designed the area to provide better sight-lines of the children’s playground from the inside of the residences. They intend to establish a sense of ownership, responsibility, and accountability with property owners, to increase vigilance in identifying trespassers. Which of the following CPTED terms BEST meets this community’s intent?
Target attractiveness
Natural territorial reinforcement
Random activity theory
Neighbourhood watch
Natural territorial reinforcement
When designing a new multi-level parking garage, to increase visibility, both interior-to-exterior and exterior-to-interior to facilitate witness potential, and make the likely adversary fear exposure, is described in CPTED as which of the following?
Natural surveillance
Natural access control
Natural territorial reinforcement
Compartmentalization
Natural surveillance
CPTED is the design or redesign of a venue to reduce crime opportunity and fear of crime through natural, mechanical, and procedural means. CPTED is a crime prevention theory grounded in environmental criminology. CPTED primarily focuses on which of the following PPS principles?
Deterrence
Detection
Delay
Response
Deterrence
What are the steps in preventing repeat victimization?
Quickly remove signs of victimization
Improve physical security
Block easy access to targets
Protect especially vulnerable targets
Regulate access to high risk assets or areas
What are the four main strategies of second generation CPTED?
Cohesion
Capacity threshold
Community Culture
Connectivity
What is another name for the tipping point theory?
Capacity threshold
What are the main lighting sources (lamp types)?
Incandescent
Halogen and quartz halogen
Fluorescent
Mercury vapor
Metal halide
High pressure sodium
Low pressure sodium
LED
Induction
Which lamps have a poor rendition for video surveillance because of the blue light they cast?
Mercury vapor
Which lamps have a poor rendition for video surveillance because of the blue light they cast?
Mercury vapor
Which lamps are used at sports stadiums because they imitate daylight conditions and color appears natural and also work well with video surveillance systems?
Metal halide
Which lamps suffer from poor color rendition but are used on streets and in parking lots as they allow to see more detail at greater distances in fog?
High pressure sodium
Which are the lamps which have poor color rendition for video surveillance systems?
Mercury vapor
High pressure sodium
Low pressure sodium
Which lamps are used mainly indoors which have a long life?
Induction
Which light is invisible to naked eye but useful for video scene illumination?
Infrared lighting
Which of the following lighting systems have the best color rendition for night lighting?
Metal halide
A security practitioner is designing a PPS for a hospital parking garage and is considering security lighting to enhance the CCTV surveillance and monitoring. What is the BEST type of lighting to apply?
LED
What are the characteristics that effect the security effectiveness of light use and lighting systems?
Quantity of lights
Level or intensitiy of light or illuminance
Light reflection of surrounding materials
Color temperature of the light
What are the three main characteristics of intrusion sensor performance?
Probability of detection
Nuisance alarm rate
Vulnerability to defeat
What are the factors on which the probability of detection relies?
target to be detected (e.g., walking/running/crawling intruder, tunneling, etc.), in addition to the direction and speed of target movement through the sensors’ pattern
sensor hardware design
installation conditions
sensitivity adjustment
weather conditions
condition of the equipment
What are alarm initiation conditions?
Occurrence of a potential intrusion event. These are intrusion sensors.
A change in a safety or process condition being monitored (rise in temperature, presence of smoke, etc.). These are state sensors.
Loss of electrical power. These are fault event sensors.
Opening, shorting, or grounding of the device circuitry; tampering with the sensors; or changes in impedance on a circuit enclosure or distributed control panels (transponders). These are tamper sensors.
Failure of the sensor itself. This is another fault event that should be detected.
What are the five characteristics that aid in the design and operation of an intrusion sensor system?
Probability of detection
Nuisance alarm rate
Vulnerabulity to defeat
Alarm initiation conditions
Operating conditions
This detector absorbs invisible light energy comparing actual energy to established background energy. What type of detector is this?
Passive infrared
Active infrared
Active microwave
Passive microwave
Passive infrared
This detector can use buried cable or transmitting and receiving signals relying on consistent reception of transmitted or reflected energy. When energy levels change due to a reflection or deflection, an alarm is transmitted. This is called _________ detection.
Microwave
What are the uses of video surveillance?
Surveillance
Assessment
Forensics
Risk Mitigation
What are the main elements of a video surveillance system?
Field of view
Scene
Lens
Camera
Transmission medium
Workstation
Recording equipment
Which of the following statements best describes a CCTV’s field of view?
The location or area intended to be observed
The area visible through the camera lens
The view from the camera that is recorded
The function of CCTV which best controls color rendition
The area visible through the camera lens
Which of the following BEST fits this description of this video surveillance component: “This determines the clarity and size of the field of view.”
The camera
The monitor
The recording equipment
The lens
The lens
What questions should be asked to discern a video surveillance system’s functional requirements?
What is the purpose of the system?
What specifically is each camera supposed to view?
What are the requirements for proactive risk reduction, real time monitoring or recorded video?
What are the four reasons to have cameras in security applications?
To obtain visual information about something that is happening
To obtain visual information about something that has happened
To deter or discourage undesirable activities
To use video analytics tools.
What are the three identification views of VSS?
Subject identification
Action identification
Scene identification
When selecting a VSS it is important to use a systems approach. True or False
True
What are the two critical elements of AC&D system?
Transportation or communication of data
Presentation or display of that data to a human operator in a meaningful form.
What are the AC&D Attributes?
Robustness is a measure of system performance in all probable environments.
The individual components should be reliable and have a long mean time between failures (MTBF).
Provide redundant or backup capability for critical components factoring in the possibility of failure.
Alarm information must be available to security personnel in a timely manner.
AC&D systems must be easy for an operator to use.
When an alarm event occurs, what should AC&D system inform the operator?
Where the alarm has occurred
What or who caused the alarm
When the alarm happened
Response or action required
What are the subsystems AC&D system is divided into?
communications, line supervision and security, information handling, control and display, assessment, and off-line subsystems.
What characteristics drive the design of alarm communication systems?
Quantity of alarm data
High reliability needed for the system
Speed at which the data must be delivered
Which of the following are outcomes of the planning phase? Select all that apply.
A set of security requirements or objectives
A risk assessment and risk mitigation plans
Procurement lists and purchase orders
The business case for the new or upgraded security systems
A set of security requirements or objectives.
The business case for the new or upgraded security systems
Which of the following are outcomes of the planning phase? Select all that apply.
A set of security requirements or objectives
A risk assessment and risk mitigation plans
Procurement lists and purchase orders
The business case for the new or upgraded security systems
A set of security requirements or objectives.
The business case for the new or upgraded security systems
These diagrams show complete security subsystems, including all the devices and how they are connected in a building or campus. They are called:
Details diagrams
Plan drawings
Elevation drawings
Riser Diagrams
Riser Diagrams
Prepared during initial planning phase with a large contingency ( +/- 10 to 20%)
Budgetary estimate
Preliminary design estimate
Final design estimate
Budgetary estimates
Developed at the 50% design review stage and normally has a contingency of + / - 10%
Budgetary estimate
Preliminary design estimate
Final design estimate
Preliminary design estimate
Refined as the project advances to 100% completion with minimum contingency
Budgetary estimate
Preliminary design estiamte
Final design estimate
Final design estimate
The actual cost of a security system is its __________
lifecycle cost
When in the procurement stage, an invitation for bids (IFB) will list specific equipment and software and request prices from the contractors to supply the specific items and install them. This is BEST described as:
Design estimation
Design specification
Design planning
Design evaluation
Design specification
In its simplest form, the lifecycle cost is the sum of __
the capital cost and the maintenance cost over the useful life of the system
Typically the warranty cost and maintenance cost equals to _____% of the total capital systems construction costs.
11%
Successful implementation of any physical security construction project requires a well-defined and executed procurement contract, as the lifecycle of implementing a typical system should take
18 to 24 months
What is the testing conducted on a test system in advance of installation called?
Factory acceptance testing
This type of testing demonstrates the completed system complies with contract requirements. What is it called?
Site acceptance testing
Alternates testing and evaluation to allow for validation and corrective actions is called _______.
Reliability testing
What affects the effectiveness of automated assessment tools?
Qualification of assessment personnel
Cost of assessment tools
Complexity of assessment software
Software’s inability to assess intangible factors and characteristics
What are the four principal security strategies identified by most security designers?
Prevention
Detection
Control
Intervention
Homeland security features five principal strategies. What are these?
Preparation
Prevention
Detection
Response
Recovery
What are the four applications for security lighting?
Standby
Continuous
Movable
Emergency
