
Physical Security CISSP Review
Gonzalo Espinosa, CISSP, CISM
Slide 1 © ALAPSI/ITESM 2006

Overview
• The Physical Security domain addresses the threats, vulnerabilities, and countermeasures which can be utilized to physically protect an enterprise's resources and sensitive information.
• These resources include people, the facility in which they work, and the data, equipment, support systems, media and supplies they utilize.

Overview
• The candidate will be expected to know the elements involved in
  – Choosing a secure site
  – Its design and configuration, and the methods for securing the facility against unauthorized access
  – Theft of equipment and information, and
  – The environmental and safety measures needed to protect
    • People
    • The facility, and
    • Its resources

1. Which of the following should be the first step to be performed prior to installing cable wires in a computer center facility?
a) Implement physical security controls
b) Test the cables
c) Check with local building codes
d) Label the cables

Choice (c) is the correct answer. Prior to any wiring installation it is good to contact the official local building code standard sources and people to ensure that the cable plant is consistent with electrical and fire codes. This is to protect the safety and security of the facility.

2. Which of the following is the most costly countermeasure for reducing physical security risks?
a) Procedural controls
b) Hardware devices
c) Electronic systems
d) Personnel

Choice (d) is the correct answer. Personnel such as security guards are the greatest expense due to direct salaries plus fringe benefits paid to them. It is good to use people only in those areas where procedural controls, hardware devices, or electronic systems cannot be utilized at all or cannot be utilized more effectively. Procedural controls, such as logging visitors and recording temperatures, are generally the least expensive. They could be manual or automated, where the latter can be expensive. Hardware devices can include locks, keys, fences, gates, document shredders, vaults, barricades, etc. Electronic systems can include access controls, alarms, CCTV, detectors, etc.

3. Which of the following should be considered as delaying devices in physical security?
a) Lights
b) Safes
c) Locks
d) Vaults

Choice (c) is the correct answer. Locks are considered as delaying devices only and not bars to entry. The longer it takes to open or break a lock, the shorter the intruder's patience. The idea is that officials will soon be arriving at the place if it takes longer to open a lock. Lights serve as a deterrent to violators. Safes provide protection against fire, burglary, and robbery. Vaults are enlarged safes and could be supported by alarm systems.

4. The “vulnerability of a facility” to damage or attack may be assessed by all of the following except:
a) Inspection
b) History of losses
c) Security controls
d) Security budget

Choice (d) is the correct answer. Examining a security budget cannot reveal much since there is no direct correlation between the budget and the vulnerability. An inspection of the facility by an experienced inspector can reveal the status of the facility and its associated controls. Examination of the facility’s record of losses can reveal how bad the situation is. The degree of security controls installed can reveal whether high-value property is properly safeguarded from theft by insiders or attack by outsiders.

5. Which of the following is the last line of defense in physical security?
a) Perimeter barriers
b) Exterior protection
c) Interior barriers
d) People

Choice (d) is the correct answer. The perimeter barriers (e.g., fences) are located at the outer edge of property and usually are the first line of defense. The exterior protection, such as walls, ceilings, roofs, and floors of the buildings themselves, is considered the second line of defense. Interior barriers within the building such as doors and locks are considered the third line of defense. After all the above defenses have failed, the last line of defense would be people, the employees working in the building. They should question strangers and others unfamiliar to them.

6. Which of the following is a safe practice to ensure physical security?
a) Deter
b) Detect
c) Delay
d) Deny

Choice (a) is the correct answer. It is preferred to deter attacks against property, whether criminal or not. If not deterred, access to selected areas or properties should be denied. If not denied, attacks that occur should be detected. If not detected in time, attacks should be delayed to allow time for response by authorities.

7. Fires involving energized electrical equipment are rated as:
a) Class A fires
b) Class B fires
c) Class C fires
d) Class D fires

Choice (c) is the correct answer. A classification of fires is based on the nature of the combustibles, relating directly to the efficacy of the extinguishing agents. Four classes are described as follows:
• Class A: Fires involving ordinary combustible solids (e.g., wood, cloth, paper, rubber, and many plastics)
• Class B: Fires involving flammable or combustible liquids and flammable gases
• Class C: Fires involving energized electrical equipment
• Class D: Fires involving certain combustible materials such as magnesium and sodium

8. A device or devices which sense(s) vibration or motion is (are) called:
a) Vibration detector only
b) Seismic detector and vibration detector
c) Proximity detector and seismic detector
d) Intrusion detector and vibration detector

Choice (b) is the correct answer. A seismic detector is a device which senses vibration or motion and thereby senses a physical attack upon an object or structure. A vibration detector is the same as a seismic detector. A proximity detector is a device which initiates a signal (alarm) when a person or object comes near the protected object. An intrusion detector is a device designed to detect an individual crossing a line or entering an area.

9. Which of the following represents the upper end of the protection scale against electrical problems (e.g., sags) in a computer center?
a) Batteries backup
b) Power filters
c) Power conditioners
d) Uninterruptible power supply

Choice (d) is the correct answer. The order of the protection scale from lower end to upper end is as follows: batteries backup, power filters, power conditioners, and uninterruptible power supply (UPS). Battery backup has a short life (that is, low-end protection) compared to the UPS (which has high-end protection). Power filters filter the sags, spikes, and impulse noises. Power conditioners regulate the voltage into the system. A UPS can clean up most power problems such as spikes, surges, sags, brownouts, blackouts, frequency variations, transient noises, and impulse hits.

10. Which of the following pairs of items create a conflicting situation in a computer center?
a) Fire-resistant file cabinets, vital records
b) Sprinkler systems, water damage
c) Fire detection system, alarms
d) Furniture and equipment, noncombustible materials

Choice (b) is the correct answer. Sprinkler systems are desirable if computer room construction contains combustible materials. While sprinklers extinguish fire, the extensive water released by the sprinkler system can damage some areas and materials in the room. Choice (d) has no conflict because furniture and equipment in a computer room should be constructed of metal or other noncombustible material. Choice (c) has no conflict because fire detection and extinguishing systems should have alarms to signal troubles and to communicate problems to a specific location that is always manned. Choice (a) has no conflict because vital records should be stored in a fire-resistant file cabinet.

11. Which of the following measures provides a first line of defense against potential risks and threats in a computer center?
a) Application security
b) Data security
c) Physical security
d) Telecommunications security

Choice (c) is the correct answer. Physical security measures (e.g., locks and keys) are the first line of defense against potential risks and exposures, and are mostly hardware-related. The security measures listed in the other three choices are mostly software-related.

12. The least important factor to be considered when selecting an uninterruptible power system is:
a) Fuel options
b) Electrical load
c) Battery duration
d) Physical space

Choice (a) is the correct answer. The selection of an uninterruptible power system is governed by three factors: electrical load, battery duration, and physical space. The electrical load represents the capacity for the UPS to supply power to the equipment properly. The battery duration is simply how long the UPS is supposed to support the equipment. Physical space will be required by any UPS. Fuel options, whether to use diesel or natural gasoline, can be considered at a later point in the decision-making process.

13. Which of the following is a proper in a computer room?
a) Smoke detection equipment shuts down the wet pipe equipment.
b) Smoke detection equipment shuts down the air conditioning equipment.
c) Smoke detection equipment shuts down the preaction pipe equipment.
d) Smoke detection equipment shuts down the water pipe equipment.

Choice (b) is the correct answer. The smoke detection system should shut down the air conditioning equipment. Similarly, an emergency power shutdown should include shutting down the air conditioning system. The reason is that when there is smoke or a power loss, the air conditioning equipment should be turned off so people do not inhale smoke.

14. All of the following are proper places for installing smoke detectors except:
a) In the ceiling of a building
b) Under the raised floor
c) In air return ducts of a building
d) In water drains on the floor

Choice (d) is the correct answer. For maximum use and benefit, smoke detectors should be installed in the ceiling, under the raised floor, or in air return ducts. Choices (a), (b), and (c) are proper places. Putting a smoke detector in water drains on the floor is improper.

15. Which of the following is the best place for sounding an alarm coming from a computer room?
a) At a local station
b) At a security guard station
c) At a central station
d) At a fire or police station

Choice (d) is the correct answer. The best place for sounding an alarm coming from a computer room is at a fire or police station because immediate action is taken there. There can be a delay at the other choices.

16. Electronic surveillance and wiretapping have increased due to which of the following?
a) Telephone lines
b) Bugging techniques
c) Microchip technology
d) Surveillance equipment

Choice (c) is the correct answer. Miniaturization has greatly aided spying. With advances in microchip technology, transmitters can be so small as to be enmeshed in wallpaper, inserted under a stamp, or placed on the head of a nail.
