Section 18: Facilities Security Flashcards

1
Q

Three types of fire suppression

A

handheld, sprinklers, special hazard protection

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Five categories of fires

A

A, B, C, D, K

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is a class C fire?

A

Electrical fire (use C02 extinguisher)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Class D fires

A

battery fire with combustible stuff

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

C02 extinguisher

A

Takes out oxygen from room, safe for computers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Wet pipe sprinkler system

A

Waiting for bulb to melt and water will spray and is waiting to go to be sprayed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Dry Pip sprinkler system

A

Pipes filled with pressurized air

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

pre action sprinkler system

A

similar to dry pipe but won’t activate until heat or smoke is detected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Hot and cold aisles

A

server racks are back to back where AC is blowing in a lane through the exhaust lanes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What should humidity be at?

A

40%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Faraday Cage

A

Shielding installed around an entire room that prevents electromagnetic energy and radio frequencies from entering or leaving the room

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

TEMPEST

A

US Government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Vehicles connect numerous subsystems over a ________

A

controller area network (CAN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

The primary external interface is the _________

A

Onboard Diagnostics module (ODB-II)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

There is no _________ in a CAN

A

authentication; any message that’s sent to the vehicle has to be accepted; really scary - can control the vehicle

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How are cars hacked

A

Attach the exploit to OBD-II, onboard cellular, onboard Wi-Fi

17
Q

Most smart devices use an embedded version of what?

A

Linux or Android

18
Q

Best thing you can do for IoT devices?

A

Segment them from your network

19
Q

Embedded System

A

Computer system that’s designed to perform a specific dedicated function (like an IV or something like that)

20
Q

PLC

A

Programmable Logic Controller = a type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems

21
Q

System on Chop (SoC)

A

A processor that integrates the platform function on a chip (like a Roomba)

22
Q

RTOS

A

Real time operating system - a type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks

23
Q

FGPA

A

field programmable gate array - a processor that can be programmed to perform a specific function by a customer rather than at the time of the manufacture

24
Q

Operational Technology

A

A communications network designed to implement an industrial control system rather than data networking (opening and shutting valves, dials, gauges, stuff like that)

25
Q

Industrial systems prioritize

A

Availability

26
Q

ICS

A

Industrial Control System - a network that manages embedded systems (power station, water suppliers, etc.)

27
Q

Fieldbus

A

Digital serial data communications used in operational technology networks to link PLCs

28
Q

Human-Machine Interface (HMI)

A

Input and output controls on a PLC to allow a user to configure and monitor the system

29
Q

Data Historian

A

Software that aggregates and catalogs data from multiple sources within an industrial control system

30
Q

SCADA

A

Supervisory Control and Data Acquisition - A type of industrial control system that manages large-scale, multiple site stuff (some kind of a WAN connection is used, for example the electric meter is part of a SCADA network)

31
Q

Modbus

A

A communications protocol used in operational technology networks

32
Q

Four key controls for mitigating attacks in specialized systems

A

Establish administrative control over OT networks by recruiting staff with relevant expertise

Implement the minimum network links by disabling unnecessary links, ports and protocols

Develop and test a patch management program for Operational Technology networks

Perform regular audits of logical and physical access to systems to detect possible vulnerabilities and intrusions

33
Q

Premise Systems

A

Systems used for building automation and physical access security

34
Q

PACS

A

Physical Access Control System - centralized configuration of the physical controls that you have in place. Often installed and maintained by an external supplier and are therefore omitted from risk and vulnerability assessments by analysts.