Week 11 (Security in the Physical Domain) Flashcards
What does the Physical Security Domain Address?
The threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise’s resources and sensitive information.
What do the Resources of an Enterprise include?
People, the facility in which they work, and the data, equipment, support systems, media, and supplies they utilise.
What does Physical Security describe?
Measures that are designed to deny access to unauthorised personnel (including attackers) from physically accessing a building, facility, resources, or stored information; and guidance on how to design structures to resist potentially hostile acts.
What is the Security Controls Framework? (AAA)
AAA stands for Authentication, Authorisation and Accounting.
Authentication - create access lists and identification mechanisms to allow approved persons through barriers.
Authorisation - Create barriers around a resource so that access can be controlled through defined entry and exit points.
Accounting - Keep record of when entry/exit points are used and detect security breaches.
What does IPDRR stand for?
Identify, Protect, Detect, Respond, Recover
What are the
