Section 18: Facilities Security

Question 1

Three types of fire suppression

Answer 1

handheld, sprinklers, special hazard protection

Question 2

Five categories of fires

Answer 2

A, B, C, D, K

Question 3

What is a class C fire?

Answer 3

Electrical fire (use C02 extinguisher)

Question 4

Class D fires

Answer 4

battery fire with combustible stuff

Question 5

C02 extinguisher

Answer 5

Takes out oxygen from room, safe for computers

Question 6

Wet pipe sprinkler system

Answer 6

Waiting for bulb to melt and water will spray and is waiting to go to be sprayed

Question 7

Dry Pip sprinkler system

Answer 7

Pipes filled with pressurized air

Question 8

pre action sprinkler system

Answer 8

similar to dry pipe but won’t activate until heat or smoke is detected

Question 9

Hot and cold aisles

Answer 9

server racks are back to back where AC is blowing in a lane through the exhaust lanes

Question 10

What should humidity be at?

Answer 10

40%

Question 11

Faraday Cage

Answer 11

Shielding installed around an entire room that prevents electromagnetic energy and radio frequencies from entering or leaving the room

Question 12

TEMPEST

Answer 12

US Government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility

Question 13

Vehicles connect numerous subsystems over a ________

Answer 13

controller area network (CAN)

Question 14

The primary external interface is the _________

Answer 14

Onboard Diagnostics module (ODB-II)

Question 15

There is no _________ in a CAN

Answer 15

authentication; any message that’s sent to the vehicle has to be accepted; really scary - can control the vehicle

Question 16

How are cars hacked

Answer 16

Attach the exploit to OBD-II, onboard cellular, onboard Wi-Fi

Question 17

Most smart devices use an embedded version of what?

Answer 17

Linux or Android

Question 18

Best thing you can do for IoT devices?

Answer 18

Segment them from your network

Question 19

Embedded System

Answer 19

Computer system that’s designed to perform a specific dedicated function (like an IV or something like that)

Question 20

PLC

Answer 20

Programmable Logic Controller = a type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems

Question 21

System on Chop (SoC)

Answer 21

A processor that integrates the platform function on a chip (like a Roomba)

Question 22

RTOS

Answer 22

Real time operating system - a type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks

Question 23

FGPA

Answer 23

field programmable gate array - a processor that can be programmed to perform a specific function by a customer rather than at the time of the manufacture

Question 24

Operational Technology

Answer 24

A communications network designed to implement an industrial control system rather than data networking (opening and shutting valves, dials, gauges, stuff like that)

Question 25

Industrial systems prioritize

Answer 25

Availability

Question 26

ICS

Answer 26

Industrial Control System - a network that manages embedded systems (power station, water suppliers, etc.)

Question 27

Fieldbus

Answer 27

Digital serial data communications used in operational technology networks to link PLCs

Question 28

Human-Machine Interface (HMI)

Answer 28

Input and output controls on a PLC to allow a user to configure and monitor the system

Question 29

Data Historian

Answer 29

Software that aggregates and catalogs data from multiple sources within an industrial control system

Question 30

SCADA

Answer 30

Supervisory Control and Data Acquisition - A type of industrial control system that manages large-scale, multiple site stuff (some kind of a WAN connection is used, for example the electric meter is part of a SCADA network)

Question 31

Modbus

Answer 31

A communications protocol used in operational technology networks

Question 32

Four key controls for mitigating attacks in specialized systems

Answer 32

Establish administrative control over OT networks by recruiting staff with relevant expertise

Implement the minimum network links by disabling unnecessary links, ports and protocols

Develop and test a patch management program for Operational Technology networks

Perform regular audits of logical and physical access to systems to detect possible vulnerabilities and intrusions

Question 33

Premise Systems

Answer 33

Systems used for building automation and physical access security

Question 34

PACS

Answer 34

Physical Access Control System - centralized configuration of the physical controls that you have in place. Often installed and maintained by an external supplier and are therefore omitted from risk and vulnerability assessments by analysts.