3.1.4 Practice Questions
You are the security administrator for a small business. The floor plan for your organization is shown in the figure below. You've hired a third-party security consultant to review your organization's security measures. She has discovered multiple instances where unauthorized individuals have gained access to your facility, even to very sensitive areas. She recommends that you provide employees with access badges and implement access badge readers to prevent this from happening in the future. Click on the office locations where access badge readers would be most appropriate.
*Select Main Lobby and Networking Closet (Server Room)* Access badge readers are typically implemented at building entrances to control access to a facility. Only individuals who have an authorized access badge are allowed to enter the facility. Individuals who do not have an access badge must be cleared and admitted by security personnel. Additional access badge readers can be implemented within the facility to further restrict access to sensitive areas, such as the server room.
If a fingerprint or retina scan is required to open a secured door, which kind of physical security has been implemented?
Biometric locks
Biometric locks use unique physical characteristics of a person to authenticate his or her access to a secured item. Often, these locks take the form of fingerprint scanners or retina scanners. An access list is incorrect because it is a list of names that a guard checks. Mantraps and double-entry doors are also incorrect because they are styles of entryways and don't check physical characteristics.
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
Deploy a mantrap
Piggybacking is when an authorized or unauthorized individual gains entry into a secured area by exploiting the credentials of a prior person. Often, the first person authenticates, unlocks the door, and then holds it open for the next person to enter without forcing them to authenticate separately. Piggybacking can be stopped by a mantrap. A mantrap is a single-person room with two doors. It often includes a scale to prevent piggybacking. Mantraps require proper authentication before the inner door unlocks to allow authorized personnel into a secured area. Those who fail to properly authenticate are held captive until authorities respond. A security camera may deter piggybacking, but it does not directly stop it. Using weight scales inside a mantrap stops piggybacking, but they are not useful or effective without the mantrap. The use of conventional keys as opposed to electronic locks has little effect on preventing piggybacking and may actually make piggybacking more prevalent.
Which option is a benefit of CCTV?
Expand the area visible by security guards
A primary benefit of CCTV is that it expands the area visible by security guards. This helps a few guards oversee and monitor a larger area. CCTV does not reduce the need for locks and sensors on doors and does not provide a corrective control (it is a preventative, deterrent, or detective control). CCTV does not increase security protection throughout an environment, as the range is limited to areas over which it is aimed.
Which of the following controls is an example of a physical access control method?
Locks on doors
Locks on doors are an example of a physical access control method. Physical controls restrict or control physical access. Passwords, access control lists, and smart cards are all examples of technical controls. Even though a smart card is a physical object, the card by itself is a part of a technical implementation. Requiring background checks for hiring is an example of a policy or an administrative control.
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose?
PTZ
A Pan Tilt Zoom (PTZ) camera lets you dynamically move the camera and zoom in on specific areas (cameras without PTZ capabilities are set looking in a specific direction). Automatic PTZ mode automatically moves the camera between several preset locations. Manual PTZ lets an operator remotely control the position of the camera. A bullet camera has a built-in lens and is long and round in shape. Most bullet cameras can be used indoors or outdoors. A c-mount camera has interchangeable lenses, is typically rectangular in shape, and carries the lens on its end. Most c-mount cameras require special housing to be used outdoors. A dome camera is a camera protected with a plastic or glass dome. These cameras are more vandal-resistant than other cameras. Bullet, c-mount, or dome cameras can also be PTZ cameras.
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring?
Recovery
Recovery is the phase after a breach has occurred in which damage from the event is repaired and a review is made to determine what should be done to prevent future incidents of the same nature. Prevention is incorrect because it is the phase before a breach occurs. Detection is incorrect because it is the phase when the breach itself is discovered. A data breach may be the result of a physical security incident, but is not one of the phases.
Which of the following are solutions that address physical security? (Select two.)
Require identification and name badges for all employees
Escort visitors at all times
Physical security controls physical access to the network or its components. Physical security controls include:
> Requiring identification or key cards before entry is permitted
> Escorting visitors at all times
> Keeping doors and windows locked
> Keeping devices with sensitive information out of view of public users
> Keeping the server room locked (locking computers to racks or tables to prevent theft)
Implementing complex passwords, disabling guest accounts on computers, and scanning all floppy disks before use are not considered physical security controls.
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Smart card
Unlike proximity cards that only transmit the owner's identity, smart cards can contain and transmit many more pieces of information. Biometric locks and keypad locks don't transmit data wirelessly. In contrast, they require physical interaction.
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? (Select two.)
Turnstile
Double-entry door
A double-entry door has two doors that are locked from the outside and have crash bars on the inside, allowing for an easy exit. Double-entry doors are typically used only for emergency exits, and alarms sound when the doors are opened. A turnstile is a barrier that permits entry in only one direction. Turnstiles are often used to permit easy exit from a secure area. Entry is controlled through a mantrap or other system that requires authentication for entry. A mantrap is a specialized entrance with two doors that creates a security buffer zone between two areas. Once a person enters into the space between the doors, both doors are locked. To enter the facility, authentication must be provided. This may include visual identification and identification credentials. Bollards are short, sturdy posts used to prevent a car from crashing into a secure area.