CompTIA Sec+ Sy0-601 Chapter 14
Which of the following physical access control methods do not normally identify who has entered a secure area? (Choose two.) A. Access control vestibule B. Hardware lock C. Fingerprint scan D. Smartcard with PIN
A and B. Access control vestibule are designed to prevent tailgating and gaining access to a restricted area. Some access control vestibule variations use two sets of doors, one of which must close before the second one opens. Traditional access control vestibule do not require access cards. Hardware locks simply require possession of a key, although proper physical key management is necessary to track key issuance and return. Neither reveals a person's identity.
You are installing an IP-based CCTV surveillance system throughout your company's facilities. What should you do to harden the CCTV environment? (Choose two). A. Change default credentials. B. Place CCTV equipment on an air-gapped network. C. Configure a hot aisle. D. Configure a cold aisle.
A and B. Default credentials should never remain enabled for any type of device. To reduce the risk of network infiltration, CCTV equipment should be placed on an isolated air-gapped network that has no physical connection to other networks.
You are responsible for acquiring new laptop computers for employees in a branch office. What should you do to prevent sensitive data retrieval from discarded storage media used by the old laptops? (Choose two.) A. Pulverizing B. Degaussing C. Air gapping D. Reformatting of the old laptop hard disks
A and B. Pulverizing is used to reduce documents or electrical components into small fragments, making them useless for information gathering. Degaussing uses a powerful magnet to erase data from magnetic storage media, such as conventional spinning hard disks.
What methods are most commonly used by physical security teams to verify whether somebody is authorized to access a facility? (Choose two.) A. Employee ID badge B. Username and password C. Access list D. Smartcard
A and C. An employee ID badge enables physical verification that somebody is allowed to access a building. An access list defines who is allowed to access a facility or office space and should be consulted by reception when anyone arrives.
A data center IT director requires the ability to analyze facility physical security breaches after they have occurred. Which of the following present the best solutions? (Choose two.) A. Motion sensor logs B. Laser security system C. Access control vestibule D. Software video surveillance system
A and D. Motion sensor logs can track a perpetrator's position more accurately than most video surveillance camera systems, however, closed-circuit television (CCTV) software video surveillance system footage can be played back and used to physically identify unauthorized people. To conserve disk space, most solutions record only when there is motion.
Over the last month, you have added new rack-mount servers in your server room, and servers have begun mysteriously shutting down for no apparent reason. Servers restart normally only to shut down again eventually. Servers are fully patched, and virus scanners are up to date. Which of the following is the most likely reason for these failures? A. The server room temperature is too hot. B. The server room temperature is too cool. C. The servers are infected with a virus. D. The server operating systems contain programming flaws.
A. A hot server room is most likely the problem since new equipment has been added, which adds to the room temperature. An HVAC technician should be consulted, which could result in the implementation of hot and cold aisles if necessary.
You are consulting with a client regarding a new facility. Access to the building must be restricted only to those who know an access code. What might you suggest? A. Cipher lock B. Deadbolt lock C. Store the code in a safe D. Biometric authentication
A. Cipher locks are electronic keypads that enable authorized people to enter an access code to gain access to a room or a building. All the user needs to know is the access code, no physical card is required.
After reviewing facility access logs, you notice that two on-duty security guards worked together to allow late-night building access to thieves. Which term best describes this situation? A. Collusion B. Access control vestibule C. Degaussing D. Shredding
A. Collusion occurs when multiple parties work together to engage in dishonest or fraudulent behavior. In this case, having two people working together did not prevent the illegal activity from occurring.
What can limit the data emanation from electromagnetic radio frequencies? A. Faraday cage B. Antistatic wrist strap C. ESD mat D. ESD boots
A. Data emanation results from the electromagnetic field generated by a network cable or network device, which can be manipulated to eavesdrop on conversations or to steal data. Faraday cages are used to enclose electronic equipment to prevent data emanation and to protect components from external static charges.
While reviewing facility entry points, you decide to replace existing doors with ones that will stay locked during power outages. Which term best describes this feature? A. Fail-secure B. Fault-tolerant C. Fail-safe D. UPS
A. Fail-secure systems ensure that a component failure (such as a power source) will not compromise security, in this case, the doors will stay locked.
You are writing code for a custom mobile device app, and for security reasons, you want to prevent tampering and the ability of others to read the code. Which technique will accomplish the requirement? A. Obfuscation B. Encryption C. Hashing D. Air gapping
A. Obfuscating programming code, often called code camouflaging, is done using a software development plug-in. The result is an unreadable variation of the original readable text.
Trinity uses her building access card to enter a work facility after hours. She has access to only the second floor. What is this an example of? A. Authorization B. Authentication C. Accountability D. Confidentiality
A. This is an example of authorization, which involves having legitimate access to specific resources such as web sites, files on a file server, or, in this case, access to a specific floor in a building.
Match the terms on the left with the descriptions on the right. Note that not all terms on the left have a matching description on the right. Air gapping, Degaussing, Faraday cage, Access Control vestibule Building access through a set of two doors, one of which opens only after the first is closed. Prevent wireless signal emanation Magnetics storage media decommisioning Network isolation Screened subnet
An air-gapped network is physically isolated from all other networks Degaussing is a process using a magnet to erase data stored on magnetic media such as hard disks A Faraday cage is a small enclosure in which wireless devices are placed to prevent the receipt or transmission of wireless signals a access control vestibule is a small room with two doors at the building entrance
Which of the following represent valid storage media destruction techniques? (Choose two.) A. Air gapping B. Shredding C. Burning D. Pulping
B and C. Shredding is used to cut paper documents into tiny pieces to ensure that the data included on the documents cannot be retrieved. Burning is also effective in destroying electrical equipment, where allowed by law, and reduces paper documents, thus making data retrieval impossible.
Which solution prevents malware infections through charging mobile devices? A. Air gapping B. USB data blocker C. Degaussing D. Faraday cage
B. A USB data blocker is a physical device that sits between a USB charging source and the device that needs to be charged, enabling device charging but not data exchange.
Your company has moved to a new location where a server room is being built. The server room currently has a water sprinkler system in case of fire. Regarding fire suppression, what should you suggest? A. Keep the existing water sprinkler system. B. Purchase a smoke-detection, waterless fire suppression system. C. Keep the existing water sprinkler system and install a raised floor. D. Place a fire extinguisher in the server room.
B. Assuming local building codes allow waterless fire suppression systems, you should suggest these be used, because they will not damage or corrode computer systems or components like water will.
What should be done in facility parking lots to ensure employee safety? A. Install a barricade. B. Install proper lighting. C. Install an exit sign. D. Install a first-aid kit.
B. Proper lighting in parking lots reduces the likelihood of attacks or muggings perpetrated against employees.
What can be done to protect switches and routers from physical security vulnerabilities? (Choose two.) A. Use a cable lock. B. Use SSH instead of Telnet. C. Set a strong console port password. D. Disable unused ports.
C and D. A console port enables a local user to plug a cable into the router or switch to administer the device locally, so a strong password is recommended. Disabling unused switch ports and router interfaces prevents unauthorized people from plugging devices into those ports and gaining access to the device or the network.
A private company conducting top-secret research for the military has headquarters in a rural location, with multiple buildings spread across a 30-acre property. Which solutions should be put in place to monitor and secure the property? (Choose two). A. DMZ B. Air gap C. Fencing D. Drones
C and D. Physical fencing can deter unauthorized access to the property and can also display signage regarding trespassing on private property. Many firms specializing in security fencing recommend a minimum height of 2.1 meters (7 feet). Security drones, also called unmanned aerial vehicles, are remote-controlled flying vehicles that can monitor large areas by flying over them. This type of drone is usually equipped with night vision motion detection video capabilities.
Which class of fire extinguisher should be used to extinguish fires related to electrical equipment? A. Class A B. Class B C. Class C D. Class D
C. Class C fire extinguishers are designed to put out electrical fires.
Degaussing is a secure disposal mechanism that applies to _________________. A. Faraday cages B. Paper documents C. Hard disks D. Solid state drives
C. Degaussing is a secure disposal mechanism that applies to hard disks. It involves using a powerful magnet to erase data from magnetic storage media such as conventional spinning hard disks.
A data center administrator uses thermal imaging to identify hot spots in a large data center. She then arranges rows of rack-mounted servers such that cool air is directed to server fan inlets and hot air is exhausted out of the building. Which of the following terms best defines this scenario? A. HVAC B. Form factoring C. Hot and cold aisles D. Data center breathing
C. In a data center, cold aisles optimize cold airflow to equipment intake fans, while hot aisles optimize hot air equipment exhaust flow by directing it away from equipment to the outside. Cool air is often fed under raised floors with perforated vents to feed equipment. Panels are installed between equipment racks to keep the cool and warm air from mixing, resulting in greater cooling efficiency.
A top-secret local network must not allow connectivity from any other network. What can be done to address this security concern? A. Deploy a NAT router at the network perimeter. B. Configure a screened subnet. C. Configure ACL rules to block traffic on the network perimeter router. D. Air gap the network.
D. Air gapping isolates a sensitive network through a lack of connectivity to other networks.
Which technology enables security robot sentries to interpret their environments to make security decisions? A. Faraday cages B. Degaussing C. Air gapping D. Artificial intelligence
D. Artificial intelligence (AI) is the imitation of human behavior by technology, such as robot sentries used for security. Successful AI implementations are fed data such as environmental sensor data (temperature, humidity) from built-in firmware or expansion cards or video and audio surveillance feeds on which decision-making is learned within the confines of configured parameters.
Your manager has implemented a policy that requires all employees to shred sensitive documents. What type of attack is your manager hoping to prevent? A. Tailgating B. Denial of service C. Social engineering D. Dumpster diving
D. Dumpster diving is the act of going through a target's garbage trying to locate information that can help the hacker perform an attack or gain access to the company assets. Shredding paper documents helps to prevent this from happening.
You are planning the network cable distribution for one floor of your office building. What should you do to minimize the risk of wiretaps reading network transmissions? A. Deploy Network Access Control switches. B. Deploy twisted-pair copper wiring. C. Deploy IPSec. D. Deploy fiber-optic cabling.
D. Fiber-optic cabling transmits light pulses instead of electrical signals on copper wires and is thus not susceptible to traditional wiretapping.
Currently, employees use a text file to store usernames and passwords they need to authenticate to a variety of web sites. You need to address this issue with a secure solution. What should you implement? A. HTTPS B. PKI C. Air gap D. Password vault
D. Password vaults provide a centralized, secure credential storage solution to users otherwise having to remember multiple sets of credentials when accessing multiple applications or web sites. Normally a passphrase or smartcard is required to unlock the vault, similar to entering a code to unlock a safe.
Which access control method electronically logs entry into a facility? A. Picture ID card B. Security guard and log book C. IPSec D. Proximity card
D. Proximity cards must be positioned within a few centimeters of the reader to register the card and either allow or deny access to a facility. All access is logged electronically without the need of a physical log book or security guard.
Your manager has requested that the combo padlocks used to secure different areas of the company facility be replaced with electronic swipe cards. What type of social-engineering attack is your manager hoping to avoid with this change? A. Hoaxes B. Tailgating C. Dumpster diving D. Shoulder surfing
D. Shoulder surfing involves a malicious user secretly looking over somebody's shoulder to acquire sensitive information. Using swipe cards requires possession of the card and swiping the card through a reader, there is no sensitive code that can be viewed by watching somebody swipe a card.
Which type of threat is mitigated by shredding paper documents? A. Rootkit B. Spyware C. Shoulder surfing D. Physical
D. Shredding documents prevents physical threats such as theft of those documents or acquiring information from them.
Computers in your organization's finance department are equipped with a TPM chip, and TPM-enabled full disk encryption of all disks attached to each computer has been enabled. How does this configuration mitigate physical security threats? A. The contents of stolen encrypted disks are read-only. B. When removed from the TPM-enabled device, the disks' contents are securely deleted. C. The stolen disks cannot be placed in Faraday cages. D. The contents of stolen encrypted disks are inaccessible.
D. Trusted Platform Module (TPM) is cryptographic firmware designed to store cryptographic keys for disk encryption as well as to ensure the machine boot process has not been tampered with, including the malware infection of operating system boot files. The contents of a TPM-encrypted disk removed from a system where the disk was encrypted are inaccessible because the decryption key is not available.