Exam Essentials: Chapter 10

Chapter 10: Physical Security Requirements (WIP)

Understand why there is no security without physical security

  • Without control over the physical environment, no amount of administrative or technical/logical controls can provide adequate security.
  • If a malicious person can gain physical access to your facility/equipment, they can do anything they want, including destruction, alteration & disclosure.

Know the three categories of security controls implemented to manage physical security

  • The controls implemented to manage physical security can be divided into three groups:
    • Administrative physical controls, including:
      • Facility construction & selection
      • Site management
      • Personnel controls
      • Awareness training
      • Emergency response procedures
    • Technical physical controls, which can be:
      • Access controls
      • Intrusion detection
      • Alarms
      • CCTV
      • Monitoring
      • HVAC
      • Power supplies
      • Fire detection & suppression
    • Physical controls for physical security, such as:
      • Fencing
      • Lighting
      • Locks
      • Construction materials
      • Mantraps
      • Dogs
      • Guards
  • Know when and how to use each, and be able to list examples of each kind.

Know the functional order of controls

  • The functional order of controls is:
    1. Deter
    2. Deny
    3. Detect
    4. Delay

Know the key elements in making a site selection and designing a facility for construction

  • Key elements in site selection:
    • Visibility
    • Composition of the surrounding area
    • Area accessibility
    • Effects of natural disasters
  • A key element in designing a facility is understanding the level of security needed by your organisation, and planning for it before construction begins.

Know how to design & configure secure work areas

  • There should not be equal access to all locations within a facility.
  • Areas that contain assets should be located in the heart (or centre of protection) provided by a facility.
  • Centralised servers or computer rooms need not be human-compatible.

Understand the security concerns of a wiring closet

  • A wiring closet is where the networking cables for a whole building or just a floor are connected to other essential equipment such as patch panels, switches, routers, LAN extenders & backbone channels.
  • Most of the security for a wiring closet focuses on preventing unauthorised physical access.
  • If an unauthorised intruder gains access to the area, they may be able to steal equipment, pull/cut cables, or even plant a listening device.

Understand how to handle visitors in a secure facility

  • If a facility employs restricted areas to control physical security, then a mechanism to handle visitors is required.
  • Often an escort is assigned to visitors, and their access & activities are monitored closely.
  • Failing to track the actions of outsiders when they are granted access to a protected area can result in malicious activity against the most protected assets.

Understand security needs for media storage

  • Media storage facilities should be designed to securely store blank, reusable & installation media.
  • The concerns include theft, corruption & data remnant recovery.
  • Media storage facility protections include locked cabinets or safes, using a librarian/custodian, implementing a check-in/check-out process, and using media sanitisation.

Understand the concerns of evidence storage

  • Evidence storage is used to retain logs, drive images, VM snapshots and other datasets for recovery, internal & forensic investigations.
  • Protections include dedicated/isolated storage facilities, offline storage, activity tracking, hash management, access restrictions & encryption.

Know the common threats to physical access controls

  • No matter what form of physical access control is used, a security guard or other monitoring systems must be deployed to prevent abuse, masquerading & piggybacking.
  • Abuses of physical access controls include propping open secured doors and bypassing locks or access controls.
  • Masquerading is using someone else’s security ID to gain entry to a facility.
  • Piggybacking is following someone through a secured gate or doorway without being identified or authorised personally.

Understand the need for audit trails & access logs

  • Audit trails & access logs are useful tools even for physical access control.
  • They may need to be created manually by security guards, or they can be generated automatically if sufficiently automated access controls are in place (smartcards & certain proximity readers).
  • You should also consider monitoring entry points with CCTV; through CCTV, you can compare the audit trails & access logs with a visually-recorded history of the events.
  • Such information is critical to reconstructing the events of an intrusion, breach or attack.

Understand the need for clean power

  • Power supplied by electricity companies is not always consistent or clean.
  • Most electronic equipment demands clean power in order to function properly. Equipment damage because of power fluctuations is a common occurrence.
  • Many organisations opt to manage their own power through several means.
  • A UPS is a type of self-charging battery that can be used to supply consistent, clean power to sensitive equipment.
  • UPSs also provide continuous power even after the primary power source fails. A UPS can continue to supply power for minutes or hours depending on its capacity and the draw by equipment.

Know the terms commonly associated with power issues

  • Fault
  • Blackout
  • Sag
  • Brownout
  • Spike
  • Surge
  • Inrush
  • Noise
  • Transient
  • Clean
  • Ground

Understand how to control the environment

  • In addition to power considerations, maintaining the environment involves control over HVAC mechanisms.
  • Rooms containing primarily computers should be kept at 60-75°F (15-23°C).
  • Humidity in a computer room should be maintained between 40 and 60%.
    • Too much humidity can cause corrosion.
    • Too little humidity causes static electricity. Even on non-static carpeting, if the environment has low humidity, it’s still possible to generate static discharges of 20kV. Even minimal levels of static discharge can destroy electronic equipment.

Understand the need to manage water leaking & flooding

  • Water leaking and flooding should be addressed in your environmental safety policy & procedures.
  • Plumbing leaks can cause significant damage.
  • If your computer systems come into contact with water, especially while they are operating, damage is sure to occur; also there’s an obvious electrocution risk.
  • Whenever possible, locate server rooms & critical computer systems away from water sources or transport pipes.

Understand the importance of fire detection & suppression

  • Protecting personnel from harm should always be the most important goal of any security or protection system.
  • In addition to protecting people, fire detection & suppression is designed to keep damage caused by fire, smoke, heat & suppression materials to a minimum, especially in regard to IT infrastructure.
    • The destructive elements of a fire include smoke & heat, but also the suppression medium, such as water or soda acid.
    • Smoke is damaging to most storage devices.
    • Heat can damage any electronic or computer component.
    • Suppression media can cause short circuits, corrosion or otherwise render equipment useless.
    • All of these issues must be addressed when designing a fire response system.

Understand personnel privacy & safety

  • In all circumstances, and under all conditions, the most important aspect of security is protecting people. Thus, preventing harm to people is the most important goal for all security solutions.
