Chapter 8: Physical Security Review Quiz
A single post method of preventing vehicle access is to use a jersey wall. -True -False
Answer - False bollards are single posts of concrete used for preventing a vehicle from damaging a building
Which range is the optimal temperature for a data center? -60-68 F -65-70 F -70-74 F -55-60 F
Answer = 70-74 F
A threat to data could be that someone inserted a _______ in a system to capture what a user has been entering into their system. -A skimmer -A keylogger -A sniffer -A text identifier
Answer = A keylogger
A network that is not physically connected to a network is referred to as this term: -Faraday cage -Airgap -VLAN -Mantrap
Answer = Airgap
Why is physical security so important to good network security? -Because encryption is not involved -Because physical access defeats nearly all network security measures -Because an attacker can steal biometric identities -Authentication
Answer = Because physical access defeats nearly all network security measures
One of the concerns about physical access to a server is the use of a: -IPS -Bootdisk -Firewall -Packet sniffer
Answer = Bootdisk
Which is a good physical security step to prevent the theft of laptops? -Key management -Cable locks -Safes -Logs
Answer = Cable locks
A fire broke out in a trash receptacle containing mostly paper products. Which fire extinguisher class is best suited for this type of fire? -Class A -Class B -Class C -Class D
Answer = Class A
Which common setting should you use to prevent malware from installing automatically from a portable flash drive? -Set BIOS passwords -Set BIOS and UEFI passwords -Disable autoplay for USB disks -Require biometric login
Answer = Disable autoplay for USB disks
What is used in data centers for fire extinguishers? -CO2 fire extinguishers -Water sprinklers -Dry agent extinguishers -Special non-conductive foam agents
Answer = Dry agent extinguishers
Which is the best choice of fire suppression (budget not withstanding) -Halon -Water -Dry heat -FM-200
Answer = FM-200
Emergency exit doors for manned security sensitive spaces should be what type of door? -Fail-secure -Fail-safe -Unlocked at all times -Locked unless monitored
Answer = Fail-safe
Since there are great many technical physical security strategies that could be incorporated, security guards are no longer relevant in a business. -True -False
Answer = False security guards are the number one deterrent and 1st line of defense.
Where should a report about server backup policies be stored? -On the CIO's desk -In a safe -In a secure cabinet -Attached to the rack in the server room for reference
Answer = In a secure cabinet
Which is a true statement about physical security? -It applies to access servers and server rooms only -It combines a firewall and physical security -It applies to access to the facility and rooms and resources contained in the facility -It is physical barriers and preventing remote access
Answer = It applies to access to the facility and rooms and resources contained in the facility
In terms of physical security, which term refers to protecting important assets by using multiple perimeter measures? -Layered access -Multifactor access control -Dual authentication -Intrusion detection system
Answer = Layered access
What is a common threat to token-based access controls? -The key -Demagnetization of the strip -A system crash -Loss or theft of the token
Answer = Loss or theft of the token
You have a user that is writing computer code for a special and important project. In the event of a power failure you want to ensure the user can save their work quickly. Which should you implement? -Generator -Power strip -Online UPS -Standby UPS
Answer = Online UPS
In a datacenter the use of a hot/cold aisle means that cold air is: -Pushed to the hot aisle to cool it -Pushed from the floor to the cold aisle -Pushed from the ceiling to the cold aisle -Is evenly split between both aisles to balance temperature swings
Answer = Pushed from the floor to the cold aisle
Why is HVAC important to computer security? -Sabotage of the AC unit would make the computers overheat and shutdown -Sabotage of the AC unit could take out the electrical power -The AS units could be connected to the network -HVAC is not important to security
Answer = Sabotage of the AC unit would make the computers overheat and shutdown
How high should a fence be to deter casual climbing? -Five feet if the fence is monitored visually -Ten feet -Seven feet -Eight feet or higher with Barbed wire
Answer = Seven feet
What is the most common example of an access token? -Smart card -Handwriting sample -PDA -Key
Answer = Smart card
Which is a security strategy that will prevent a user of stealing an encryption key? -TPM -Access cards -Faraday cage -Tempest
Answer = TPM
Your customer is a defense contractor working on top-secret military equipment. In addition to the usual physical safeguards, you need to ensure that a user cannot eavesdrop from accessing the electrical emanations. which of these is the BEST option? -CCTV -Contactless access cards -Tempest -STP cable
Answer = Tempest
Why should security guards get cross-training in network security? -They are the eyes and ears of the corporation when it comes to security -They are the only people in the building at night -They are more qualified to know what a security threat is -They have the authority to detain violators
Answer = They are the eyes and ears of the corporation when it comes to security
Why can USB flash drives be a threat? -They use too much power -They can bring malicious code past other security mechanisms -They can be stolen -They can be encrypted
Answer = They can bring malicious code past other security mechanisms
A mantrap is used to combat tailgating. -True -False
Answer = True
You dont want to invest in the storage to continually store camera data so you choose a motion detector since it only alerts when there is some form of activity. -True -False
Answer = True
You want to prevent someone with physical access to your server from restarting the device and configuring the system for boot to USB as the first option. This should be done with a BIOS password. -True -False
Answer = True
Probably the simplest physical attack on the computer system is which of the following? -Accessing an ethernet jack to attack the network -Using an imitation to fool a biometric authenticator -Installing a virus on a CCTV system -Outright theft of a computer
Answer = outright theft of a computer
