Environmental Controls and Mobile Devices

Tracks location Least accurate

IP address resolution

Which of the following are not reasons to remote wipe a mobile device?

When the device is inactive for a period of time.

Tracks location More accurate

Wi-Fi triangulation

. Environmental controls that can be implemented to protect computer systems include:

*Cool temperatures to protect hardware from being damaged by overheating. *A humidity controlled environment to keep humidity above 50% to avoid electric shock. *Moisture detectors to alert responsible individuals early and prevent water/flood damage from water pipes and sprinklers. *Fire suppression controls to prevent damage from heat and smoke.

Types of Interference in Environment:

*Electro-magnetic interference (EMI) is caused by noise between the hot wire and the ground or neutral wires in a circuit. It can disrupt the signal in a data cable. Common causes of EMI are: oMotors oHeavy machinery oLights oElectrical systems ( e.g., computer system) *Radio Frequency interference (RFI) is the reception of high-frequency radio waves. Sources can include: oMicrowave ovens oWireless devices oTransmitting devices oCellular phones oFlorescent lighting

Fire requires the following four components to burn:

*Fuel such as wood, paper, or petroleum. *Heat, which triggers the fire and raises the temperature of surrounding materials, bringing them closer to a combustible point. *Oxygen for the oxidation of the combustible material. *The chemical reaction that occurs as the oxygen and the fuel ignite.

Environmental temperature conditions

*Heat reduces the life span and reliability of computer equipment. Computer components age and degrade faster the hotter they run. *Fans and cooling systems on users' desktop, laptop, and notebook computers are usually adequate to keep those types of equipment sufficiently cool. *Server rooms require special cooling systems due to the high concentration of equipment. *The optimum temperature for computer equipment is 68 degrees Fahrenheit (20 Celsius). *There is a variety of environment sensors and software available to monitor the temperature in server rooms and data centers. *Environmental sensors and software can also help you to identify hot spots. *Temperature sensors are generally located about 1.5 to two feet above the floor and five to six feet above the floor throughout the room. A variation of more than 12 degrees between low-mounted and high-mounted sensors indicates a problem. Air flow is an important factor in controlling temperature. Be aware that: *Fans are a critical component in preventing hot spots in a computer room. There are two type of fans: *Fans inside the computer equipment. *Room fans which circulate the air in the room. *The air exchange rate for a computer room is much higher than for an office area. *An office area needs approximately two air changes an hour. *A server room needs between 20 and 30 air changes per hour.

Humidity is also an important consideration for server rooms.

*Humidity should be keep within a range of 40 to 65 percent: *Too much humidity results in condensation. *Too little humidity results in electrostatic discharge (ESD). *Depending on the naturally occurring humidity level of your area and the season, you may have to add humidity or use a de-humidifier. *Avoid large, rapid changes in humidity. Keeping a narrow range of temperature in the computer room will help to avoid condensation. *Many temperature sensors also monitor humidity.

A key consideration inside the building is the location of the data center.

*Locate the data center as close as possible to the center of the building. *Do not locate under water pipes or in any other area that might be subject to flooding or water damage. *Make sure walls have a minimum fire rating of one hour and go all the way to the true ceiling. *Reduce the number of inbound doors. *Windows should be too small for humans to go through. *The data server room should be the most restricted area of the facility thus it should be located in an area where security can be easily and thoroughly implemented.

Methods to shield computer systems include:

*Surrounding a server room with a faraday cage to protect a system from RFI. *Creating a TEMPEST (Transient Electromagnetic Pulse Emanating Surveillance Technology) environment or control zone to reduce electronic noise from devices.

Extinguishing agents used to suppress fire include:

*Water to remove the heat. Water can cause damage to the computer equipment but is harmless to people. *Gas to displace oxygen. When extinguishing a fire around critical computer equipment, the best option is to eliminate oxygen because that would have the least damaging effect. This task almost always involves a gas (such as CO2 and Halon) that does not leave a damaging residue. Be aware of the following when using gas systems: *They don't work well in an open environment and special ventilation may be required. *Evacuate the room immediately; removal of oxygen can suffocate someone in the room. *Dry chemicals (such as sodium bicarbonate), wet chemicals, and foam can be used to extinguish fuel from burning, but will leave a residue and cause damage to the computer equipment.

What is the recommended humidity level for server rooms?

50%

Blackout

A blackout is a complete power failure. A blackout can have a variety of sources such as downed power lines or failed transformers.

A device containing sensitive data may be lost.

Enroll devices in a mobile device management system.

Brownout

A brownout is a reduction in voltage that lasts longer than a few seconds. A brownout is generally caused at the utility company during times of high power usage. The ANSI standard defines a brownout as an 8 percent drop between the power source and the voltage meter or a 3.5 percent drop between the voltage meter and the wall outlet.

Fault

A fault is a momentary power outage that can have a variety of sources.

Fixed suppression system

A fixed system is part of a building and typically combines fire detectors with fire-suppression technology. *Fire detectors detect rapid changes in temperature or smoke. *Fixed fire-suppression systems usually use water or gas to extinguish fire. *Deluge sprinklers have open sprinklers and the pipes are dry until the fire alarm initiates the deluge valve to open and send water to all the sprinklers. *Wet pipe sprinklers contain pressurized water that is released when initiated by a heat-sensitive device. Wet pipe systems respond faster to fire threats. Be aware that a fixed system might only slow down a fire, giving you extra time to evacuate; it might be incapable of actually extinguishing a fire.

Lockout or screen lock

A lockout (or screen lock) disables the ability to use the device after a short period of inactivity. The correct password or PIN unlocks the device.

Reporting system

A procedure to immediately report the loss of a device will enable the device to be disabled quickly and reduce the chance of confidential information being compromised.

Sag/Dip

A sag or dip in power is a reduction in voltage for a short period of time (up to as long as a few seconds). Sources of sags or dips include chained power strips, faulty wiring, sudden power draws (such as when equipment is first turned on), and large inductive sources such as an electric motor.

Surge/Spike

A surge or spike in power is a sudden rise in voltage. It can be caused by a lightning strike, a power plant coming on-line or going off-line, or even equipment inside the facility.

Transient

A transient is a fluctuation caused by line noise or disturbance.

HVAC system

A well-maintained heating, ventilating, and air conditioning (HVAC) system is important for employee comfort and the protection of equipment *HVAC controls the temperature and humidity of a building. *HVAC keeps temperatures cool for computer systems. *Computer systems and server rooms should be centrally located with separate ducting for better controls. *Computer rooms/server rooms require full-time environmental controls. Recommendations for HVAC systems include: *Use positive pressure systems. Positive pressure systems protect the air quality in the facility by causing air to be forced out through doors, windows, and other openings. Negative pressure systems draw air in, potentially bringing in airborne particles such as dust, smoke from a fire, or contamination from a chemical leak. Positive pressure systems are more energy effective. *Protect filter air intakes. The air intakes are the source of air for the positive pressure system. Air intakes can be a target of sabotage or contaminated by toxic chemicals if an incident occurs in the surrounding area. *For electronic components, keep temperature between 70 and 74 degrees and humidity between 40 and 65 percent. *Ensure that appropriate personnel have access to shut off values for HVAC system in the event of an emergency.

Components within your server room are falling at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce the problems?

Add a separate A/C unit in the server room

Personal Identification Number (PIN)

All devices should be accessible only after a PIN has been entered or other authentication method has been activated.

Devices have no pin or password configured.

Enroll devices in a mobile device management system.

Preventing loss of control of sensitive data

Enroll devices in a mobile device management system.

Asset tracking and inventory control

Because mobile devices are not tied to a physical location, asset tracking and inventory control are very important. At a minimum, you should track the following for each device owned by your organization: *The make and model number of the device *The device serial number *The operating system version number *The date the device was purchased and the vendor it was purchased from *The end-of-warranty date for the device *The vendor providing support for the device *The employee the device has been issued to There are many mobile endpoint management solutions that can be implemented to automate asset tracking and inventory control processes. Most of these solutions can also use the following technologies to track the physical location of your mobile devices: *The Global Position System (GPS) can track the location of GPS-enabled devices to within a meter. *Wi-Fi triangulation can track the location of devices in heavily-populated urban areas to within a few meters, depending upon the number of networks in range and the accuracy of their signal strength data. *Cell phone tower triangulation can track the location of devices to within a kilometer, depending upon the signal strength and number of cell towers within range. *IP address resolution is much less accurate than the other options, tracking the location of devices to within roughly 20 kilometers.

Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components?

Carbon dioxide (CO2)

Tracks location Less accurate

Cell phone tower triangulation

The type of fire extinguisher you select should be based on the type of fire:

Class A Wood, paper, cloth, plastics Water or soda acid Class B Petroleum, oil, solvent, alcohol CO2 or FM200 Class C Electrical equipment, circuits, wires Halon or CO2 Class D Sodium, potassium Dry powders Class K Oil, solvents, electrical wires Halon, CO2, soda acid

Which of the following fire extinguisher types is the best used for electrical fires that might result when working with computer components.

Class C

Malware propagation Possible Remedies

Consider implementing a network access control (NAC) solution that remediates devices before allowing them to connect to your network. Alternatively, consider implementing a guest wireless network that is isolated from your organization's production network. User-owned devices can connect to this network to gain Internet access but are quarantined from the rest of your organization's production network.

Which of the following fire extinguisher types poses a safety risk to users in the area?

Halon CO2

Storage segmentation

Consider segmenting personal data from organizational data on mobile devices. This storage strategy allows: *Encryption to be applied only to sensitive organizational data on the device. *Only organizational data to be removed during a remote wipe, preserving personal data.

Encryption

Data encryption ensures data confidentiality on the device. Voice encryption (on mobile phones) ensures data confidentiality during transit.

Which of the following statements about ESD is not correct?

ESD is much more likely to occur when the relative humidity is above 50%. It occurs more often when humidity is below 50%

Tracks location Most accurate

GPS

Device management

If a user brings a personally-owned device on site, then the question of who is responsible for managing the device needs to be clearly identified. Responsibility for the following needs to be defined: *Operating system updates *App updates *Anti-malware installation *Anti-malware definition updates

Support

If a user brings a personally-owned device on site, then the question of who will provide support for the device and the apps used on the device needs to be clearly identified. Will the organization's help desk provide support, or must the user depend upon support provided by the device manufacturer?

Loss of control of sensitive data

If a user copies sensitive data to their device, your organization could potentially lose control of that information. Even the question of who owns the data after it has been copied to the personal device becomes problematic. Consider the following scenarios: *The user may not have implemented appropriate security settings on their device, allowing anyone who gains access to the device to view the sensitive data. *The user may lose the device, allowing anyone who finds it to access the sensitive data. *The device may become infected with malware, potentially exposing the sensitive data.

Malicious insider attacks

If a user is so inclined, they could use their mobile device to conduct a malicious insider attack. For example, they could: *Use the built-in camera, which nearly all modern mobile devices have, to take pictures of sensitive internal information. *Use the built-in microphone to record conversations. *Use the built-in video function to record proprietary processes and procedures. *Use the device's mobile broadband connection to transfer stolen data to parties outside the organization, bypassing the organization's network security mechanisms.

Malware propagation

If a user's tablet or phone has been infected with malware, then the infection can be spread when they connect their device to your organization's network.

Over the last several years, the use of mobile devices within your organization has increased dramatically. Unfortunately, many department heads circumvented your Information Systems procurement policies and directly purchased tablets and smartphones for their employees without authorization. As a result there is a proliferation of devices within your organization without accountability. You need to get things under control and begin tracking the devices that are owned by your organization. How should you do this?

Implement a mobile endpoint management (MEM) solution.

Anti-malware software is not installed.

Implement a network access control (NAC) solution

Apply the latest anti-malware definitions

Implement a network access control (NAC) solution

Preventing malware infections

Implement a network access control (NAC) solution

Loss of control of sensitive data Possible Remedies

Implement an acceptable use policy that defines what kind of data is allowed on personally-owned devices and what kind of data is prohibited. Information classification labels can be useful when implementing this policy. Consider requiring personal devices to be enrolled with a mobile device management infrastructure, such as Windows Intune, to enforce mobile device security policies.

Support Possible Remedies

Implement an acceptable use policy that specifies: *Where users can get support for personally-owned mobile devices. *Which apps are allowed for use with organizational data. *Where users can get support for these apps.

Malicious insider attacks Possible Remedies

Implement an acceptable use policy that: *Specifies where and when mobile devices can be possessed within the organization. For example, the possession of mobile devices may be prohibited in high-security areas. *Notifies users that personally-owned devices are subject to random searches if brought on site.

Your organization has recently, purchased 20 tablet devices for the Human Resource department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profile as much as possible. Which actions should you take?

Implement storage segmentation Enable device encryption

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do

Install shielded cables near the elevator

Unused features

Just as with a desktop or server system, you should disable or uninstall unused features on mobile devices. Unused features or services can expose threat vectors into the device.

You walk by the server room and notice a fire has started. What should you do first?

Make sure everyone has cleared the area.

Request process

Mobile devices will usually contain confidential information, thereby creating a security risk for an organization. To control the risk, an organization should control who is issued a device and what information is put on the device.

Portable suppression system

Portable systems are fire extinguishers that can be used to suppress small fires. Be aware of the following facts when using a portable fire extinguisher: *A pin is inserted in the handle of most fire extinguishers to prevent the extinguisher from being accidentally triggered. Remove the pin to use the fire extinguisher *Use the PASS method (Pull, Aim, Squeeze, and Sweep) to administer the fire suppressant. Aim toward the base of the fire. *Fire extinguishers usually have a limited effective range of 3-8 feet. *Be aware that fires spread quickly. In most cases you will be unable to control a fire with just a portable system.

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?

Positive pressure system

AC power

Power systems can help keep electrical service constant. The following types of protection are available to improve and protect your equipment for AC power issues: *Surge protectors protect against spikes that damage components. Many power strips have a built-in surge protector. *Uninterruptible Power Supplies (UPS) protect against under-voltage conditions of short duration (depending on battery life, 30 min or more). Most UPS systems include a line conditioner and a surge protector. *A redundant power source to ensure constant power. An example of a redundant power source is a backup generator or power from a secondary source in case one source fails. Backup generators require fuel to operate and can provide power to critical systems until the fuel is consumed. *Line conditioners (also known as power conditioners) are used to improve the quality of the power by providing one or more of the following: *Filters to remove noise. *Temporary voltage regulator *Surge protectors Line conditioners can be dedicated to a single computer, a server room, or to an entire building. The order in which critical equipment should draw power is: *UPS line conditioner *UPS battery *Backup generator

Besides protecting a computer from under voltages, a typical UPS also performs which two actions?

Protects from over voltages Conditions the power signal

Water and gas

Recommendations for water and gas focus mainly on the ability to turn them off in the event of a broken pipe, fire, or other type of an emergency. These recommendations are: *Identify the location of a master shut off valve. *Identify the location of any secondary shut-off valves. Using secondary shutoff valves minimizes the impact of the service loss. *Ensure that the shut off valves work. *Mark shut off valves to increase visibility. *Ensure that appropriate personnel have access to shut off values for water and gas systems. *Secure shut off valves from general access. In the event of water damage, take appropriate steps to protect equipment and the area from corrosion and mildew/mold. Mildew and mold can cause potential health hazards.

Infrastructure and its components:

Refers to the systems that support the site. Infrastructure components include AC power, heating, ventilation and air conditioning systems (HVAC), gas, and water. Of these systems, AC power can present the greatest challenge on a day-to-day basis.

Device management Possible Remedies

Relying on the end user to implement these updates is unwise. Instead, consider implementing a network access control (NAC) solution that remediates devices before allowing them to connect to your network.

A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?

Remote wipe

Remote wipe

Remote wipe, also known as sanitization, remotely clears specific, sensitive data on the mobile device. This task is also useful if you are assigning the device to another user or after multiple incorrect entries of the password or PIN.

Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?

Screen lock

Shielding

Shielding is the process of protecting computer systems from interference to prevent transmission problems and security concerns such as eavesdropping

Devices with a data plan can e-mail stolen data

Specify where and when mobile devices can be possessed in your acceptable use policy

Preventing malicious insider attacks

Specify where and when mobile devices can be possessed in your acceptable use policy

Users take pictures of proprietary processes and procedures.

Specify where and when mobile devices can be possessed in your acceptable use policy

Supporting mobile device users

Specify who users can for help with a mobile device apps in your acceptable use policy.

Which of the following is the least effective power loss protection for computer systems?

Surge protector

Hot and Cold Aisles

To ensure proper cooling, make sure server rooms have separate ducting or cooling systems from the rest of the building. The use of hot and cold aisles within the server rooms is an effective method for reducing the temperature of server rooms. A cold aisle is created by having the front of the equipment face toward the center of the aisle. Hot aisles have the back of the equipment face the aisle. Air from the cooling system is forced into the cool aisles from underneath and exhausted through the hot aisles overhead. Typically, cold aisles face air conditioner output ducts and hot aisles face air conditioner return ducts. Best practices for hot aisle/cold aisle containment include: *Install internal fans to bring air into or exhaust it out of individual units to act with, not against, the overall pattern of air flow in the center. *Locate devices with side or top exhausts in their own part of the datacenter. *Raise the floor 1.5 feet so that air being pushed by air conditioning equipment can pass through. *Install automatic doors in the data center.