Chapter 4 - Physical Security

How high should shrubs be? A. 18-24 inches B. 25-38 inches C. 36-42 inches D. none of the above

A. 18-24 inches

While guards and dogs are both good for physical security, which of the following more commonly applies to dogs? A. Liability B. Discernment C. Dual role D. Multifunction

A. Liability

During an assessment, you discovered that the target company was using a fax machine. Which of the following is the least important? A. The phone number is publicly available B. The fax machine is in an open, unsecured area C. Faxes frequently sit in the printer tray D. The fax machine uses a ribbon

A. The phone number is publicly available

Any opening 18 feet or less above the ground should be considered easy access and should be secured if greater than 96 inches. A. True B. False

A. True

In the field of IT security, the concept of defense in depth is layering more than one control on another. A. True B. False

A. True

Name 4 configurations of authentication tokens.

Active electronic; electronic circuit; magnetic stripe; magnentic strip; contactless cards

The process of sniffing network traffic when a switch is involved; splits network into different logical collision domains; relies on injecting packets into network, causing traffic that should not be sent to your system to be sent to your system.

Active sniffing

A datacenter should have no more than __________ door(s). A. 1 B. 2 C. 3 D. 4

B. 2

Datacenters can be located on any floor in a building. A. True B. False

B. False

Information is easily recovered if sanitization was performed. A. True B. False

B. False

Physical security is less important than logical security. A. True B. False

B. False

Sniffing is restricted to wired networks. A. True B. False

B. False

Which type of biometric system is frequently found on laptops? A. Retina B. Finger scan C. Iris D. Voice recognition

B. Finger scan

Authentication that is based on a behavioral or psychological characteristic that is unique to an individual.

Biometrics

A short-range communication technology is __________.

Bluetooth

A device that prevents entry into designated areas by motor vehicle traffic; prevents ram-raiding; they may not always be visible.

Bollard

A(n) __________ is used to prevent cars form ramming a building.

Bollard

Name the 3 layers of physical defense.

Building perimeter; building exterior; interior controls

How is a biometric device measured?

By the percentage of Type 1 and Type 2 errors it produces.

Hedges should be cut A. 1 inches below the level of the windows B. 3 inches below the level of the windows C. 6 inches below the level of the windows D. does not matter

C. 6 inches below the level of the windows

Allows an individual to send unsolicited messages over Bluetooth to other Bluetooth devices. A. Bluesmirking B. Bluesmurfing C. Bluejacking D. Bluejumping

C. Bluejacking

What is a common physical control that can be used as both a detective and reactive tool? A. A fence B. An alarm C. CCTV D. A lock

C. CCTV

What grade of lock would be appropriate to protect a critical business asset? A. Grade 4 B. Grade 2 C. Grade 1 D. Grade 3

C. Grade 1

Which of the following is the best choice for showing the flow of human traffic into areas or ensuring that individuals are properly screened and authenticated prior to entering an area? A. Steel door B. Bollard C. Turnstile D. Warning sign

C. Turnstile

Classification of gates that uses somewhat heavier construction and falls in the range of 3-4 feet in height

Commercial or Class 2

What is the most common type of lighting used as a personal safety control?

Continuous

What do lock pick sets typically contain at a minimum? A. Tension wrenches and drivers B. A pick C. A pick and a driver D. A pick and a tension wrench

D. A pick and a tension wrench

A Type 2 error is also known as what? A. False rejection rate B. Failure rate C. Crossover error rate D. False acceptance rate

D. False acceptance rate

What defines the camera's effectiveness in viewing objects form a horizontal and vertical view? A. Granularity B. Ability to zoom C. Field of view D. Focal length

D. Focal length

What is an intrusion detection system used exclusively in conjunction with fences? A. Infrared wave patter B. Motion detector C. RFID D. PIDAS

D. PIDAS

Process that permanently destroys the contents of the hard drive or magnetic media, cannot be reused.

Degaussing

Name 5 facility controls.

Doors, mantraps, & turnstiles; walls, ceilings, floors; windows; guards & dogs; construction

Process of overwriting all information on drive and allows for drive to be reused.

Drive wiping

Name 3 methods of sanitization.

Drive wiping, zeroization, degaussing

Name four categories of WLAN's attacks.

Eavesdropping; open authentication; rogue access points; denial of service

Provides physical and psychological barrier, should be 8 feet long or greater to deter.

Fences

Name 6 types of physical control measures.

Fences, gates, bollards, perimeter intrusion detection system (PIDS), warning signs & notices, tress & foliage

Name 7 common types of biometric systems.

Finger scan; hand geometry; palm scan; retina pattern; iris recognition; voice recognition; keyboard dynamics

Applying encryption to an entire disk is known as ____________.

Full disk encryption or full volume encryption

Chokepoint or point where all traffic must enter and exit the facility.

Gates

Which lock grade gives the highest security?

Grade 1

Which lock grade has the weakest design?

Grade 3

Classification of gates that are in the range of 6-7 feet in height and are of heavier construction, including chain link communication.

Industrial or Class 3

What is PBX used for?

Intraoffice phone exchange

Name 3 personal safety controls.

Lighting, alarms, CCTV

Name 4 physical access controls

Locks, tokens, biometrics, id badges

A structure that replaces a normal single door with a phone-booth sized object with a door on each side; allows enough room for one person; only one door opens at a time.

Mantrap

Name two types of locks.

Mechanical and cipher

What are two of the issues with lighting?

Overlap and glare

System that uses sensors that detect intrusion.

PIDAS (perimeter intrusion & detection assessment system)

Relies on a feature of the network card called "promiscuous" mode; it does not transmit data on the network and is hard to detect; used on networks with a hub.

Passive sniffing

Name 4 basic equipment controls.

Passwords, Password screen savers & session controls, hard drive & mobile device encryption, fax machines & public branch exchanges (PBX)

PIDAS stands for __________.

Perimeter intrusion and detection assessment system

Individuals that target telecommunication systems are known as __________.

Phreakers

Mantraps stop __________.

Piggybacking

Name 3 software programs that can be used to lock files and folders.

Pretty Good Privacy (PGP), TrueCrypt, Bitlocker

PBX stands for ___________.

Private Branch Exchange

Classification of gates that refers to gates as ornamental

Residential or Class 1

Name the 4 classification of gates.

Residential or Class 1 Commercial or Class 2 Industrial or Class 3 Restricted Access or Class 4

Classification of gates that meet or exceed a height of 8 feet and are of heavier construction

Restricted Access or Class 4

This is used to intercept network traffic and launch a man-in-the-middle attack.

Rogue access point

Process of clearing all identified content so no data remnants can be recovered.

Sanitization

A technique where tension is held on a lock with a tension wrench while the pins are scraped quickly, placing the pins in a mechanical bind.

Scraping

Hardware or software-based device that has the ability to observe traffic on a network and help a network administrator or an attacker construct what is happening on the network.

Sniffing

What type of doors should businesses consider, especially for server rooms and other critical assets?

Solid core

What two components are used to pick locks?

Tension wrench and picks

Name 5 human threats.

Theft; vandalism; destruction; terrorism; accidental

This control can be used to slow the flow of traffic into areas or ensure that individuals are properly screened & authenticated prior to entering a room.

Turnstile

This biometric error is a measurement of the percentage of individuals who should have been granted access, but were not allowed access.

Type 1

This biometric type of error is reflected by a false rejection rate (FRR).

Type 1 (False Rejections)

This biometric error is a measurement of the percentage of individuals who have gained access, but should not have been granted such.

Type 2

This biometric type of error is reflected by a false acceptance rate (FAR).

Type 2 (False Acceptance)

__________ allows for the placing of telephone calls over computer networks and the Internet.

VoIP

VoIP stands for __________.

Voice over IP

Which lock is the easiest to pick?

Warded

What point of a structure is usually the first to be attacked?

Weakest

Process usually associated with cryptographic processes, device is reset to zero to prevent anyone from recovering key.

Zeroization