Chapter 14: Physical Security
A. Motion sensor logs D. Software video surveillance system B and C are incorrect. Laser security systems rely on laser beams being interrupted and do not work well with detailed analysis after the fact. Mantraps are small rooms controlling access to a building, where the first door must be closed before the second one will open. They offer little in terms of post-analysis.
A data center IT director requires the ability to analyze facility physical security breaches after they have occurred. Which of the following present the best solutions? (Choose two.) A. Motion sensor logs B. Laser security system C. Mantrap D. Software video surveillance system
C. Hot and cold aisles A, B, and D are incorrect. Heating, ventilation, air conditioning (HVAC) generally refers to air flow and environmental control within a room or building. Form factoring and data center breathing are fictitious terms.
A data center administrator uses thermal imaging to identify hot spots in a large data center. She then arranges rows of rack-mounted servers such that cool air is directed to server fan inlets and hot air is exhausted out of the building. Which of the following terms best define this scenario? A. HVAC B. Form factoring C. Hot and cold aisles D. Data center breathing
B. EMI shielding for the building A, C, and D are incorrect. Wireless networking will not solve any problems, and it will make things worse—wireless networking always presents more security risks than a wired network. Fiber-optic cabling provides a protected way through which network transmissions can be distributed and also kept free from interference, but Bluetooth and video monitor emissions would still be a security issue. IP Security (IPSec) does nothing to quell electromagnetic interference or prevent screen emissions. IPSec encrypts and authenticates network data.
A top-secret pharmaceutical research laboratory building uses CAT 6 network cabling. The company requires no disruption or interception of Bluetooth, network, or video monitor transmissions. What should the company consider? A. Wireless networking with WPA2 Enterprise B. EMI shielding for the building C. Fiber-optic cabling D. IPSec
B. Cipher locks
Electronic combination locks are also known as _____. A. Padlocks B. Cipher locks C. Hardware locks D. Combo locks
A. Employee ID badge C. Access list B and D are incorrect. Usernames and passwords can authenticate a user to a computer system, as can a smart card, but these do not get verified by a security guard. Smart cards contain an embedded microchip. Users enter a PIN in conjunction with using their smart card, which constitutes multifactor authentication. Smart cards are also called security tokens.
How can security guards verify whether somebody is authorized to access a facility? (Choose two.) A. Employee ID badge B. Username and password C. Access list D. Smart card
B. Use TPM. C. Prevent booting from removal devices. D. Lock the server chassis. A is incorrect. An uninterruptible power supply (UPS) provides power during an outage but does nothing to secure data.
In the event of a physical security breach, what can you do to secure data in your server room? (Choose three.) A. Install a UPS. B. Use TPM. C. Prevent booting from removal devices. D. Lock the server chassis.
B. Disable unused ports D. Configure console password F. Configure an auxiliary password.
Jeff is a network administrator for the company and is looking to implement some best practices on the switches. He has placed the switches in the server room, which is locked at all times. What else should he do? (Choose three.) A. Disable the power on the switches B. Disable unused ports C. Disable the console password D. Configure console password E. Set a console banner to welcome the person connecting F. Configure an auxiliary password.
A. The server room temperature is too hot. B, C, and D are incorrect. A hot server room is most likely the problem since the servers are patched and protected.
Over the last month, servers have been mysteriously shutting down for no apparent reason. Servers restart normally only to shut down again eventually. Servers are fully patched, and virus scanners are up to date. Which of the following is the most likely reason for these failures? A. The server room temperature is too hot. B. The server room temperature is too cool. C. The servers are infected with a virus. D. The servers have operating system flaws.
A. Guard
Which of the following access control methods can detect abnormal activity and make security decisions based on activity? A. Guard B. Fence C. Combination lock D. Cipher lock
D. To prevent booting from a live DVD
Sean, a junior network administrator, has noticed that you have configured all the servers to boot from the hard disk and that you have disabled booting from the optical disc drive. He asks why you have disabled booting from the optical disc drive. What reason do you give? A. To prevent viruses B. To disable ports C. To password-protect CMOS D. To prevent booting from a live DVD
B. Faraday cage
The forensics officer in your company has confiscated an employee's cell phone and will seek evidence on the phone related to corporate espionage. What should the forensics officer put the phone in? A. Fall-safe container B. Faraday cage C. Forensic safe D. Fail cage
C. Proximity reader
The senior security officer within your organization would like to reduce the likelihood of someone gaining access to the facility by shoulder-surfing employees as they use key punch locks. Which of the following security controls would you suggest? A. TEMPEST system B. CCTV C. Proximity reader D. HVAC
B. Human security guards can notice abnormal circumstances. C. Human security guards can detect smells. A and D are incorrect. Video surveillance with sound can be analyzed frame by frame, resulting in a much more detailed analysis than a person's memory.
What advantages do human security guards have over video camera surveillance systems? (Choose two.) A. Human security guards have more detailed memory than saved video surveillance. B. Human security guards can notice abnormal circumstances. C. Human security guards can detect smells. D. Human security guards can recall sounds more accurately than saved video surveillance.
C. Set a console port password. D. Disable unused ports. A and B are incorrect. Cable locks are used to secure devices such as laptops or projection units and not switches and routers, which should be in locked server rooms or locked data center equipment racks. Secure Shell (SSH) is an encrypted remote command-line administrative tool. Telnet passes data across the network in clear text.
What can be done locally to secure switches and routers? (Choose two.) A. Cable lock. B. Use SSH instead of Telnet. C. Set a console port password. D. Disable unused ports.
A. Faraday cage B, C, and D are incorrect. Each of these items is designed to put the user and the equipment at equal charge to prevent the flow of static electricity, but they do not prevent actual data emanation.
What can limit the data emanation from electromagnetic radio frequencies? A. Faraday cage B. Antistatic wrist strap C. ESD mat D. ESD boots
B. Install proper lighting. A, C, and D are incorrect. Installing a barricade such as bollards in front of or around a building could prevent damage from vehicles, but it does not ensure employee safety in parking lots. Signage, such as exit signs, helps ensure user safety, along with valid escape routes and regular fire drills. Unless this is an interior parking lot, exit signs would not be needed. A first-aid kit is not standard practice for parking lot safety.
What should be done in facility parking lots to ensure employee safety? A. Install a barricade. B. Install proper lighting. C. Install an exit sign. D. Install a first-aid kit.
D. Proximity card A, B, and C are incorrect. Picture ID cards identify people. Security guards do not log facility access electronically. IP Security (IPSec) is a mechanism by which packets are authenticated and encrypted; there is no correlation to physical site security.
Which access control method electronically logs entry into a facility? A. Picture ID card B. Security guard and log book C. IPSec D. Proximity card
C. Perimeter fencing and gates A, B, and D are incorrect. Firewalls allow or block network traffic based on configured rules. Intrusion detection systems (IDSs) analyze network traffic for suspicious activity and either log the incident or take action against it. Door keypad locks do apply to physical security, but a person must first get on the property to get to a door.
Which of the following is the first step in preventing physical security breaches? A. Firewall B. IDS C. Perimeter fencing and gates D. Door keypad lock
A. Mantrap B. Hardware locks C and D are incorrect. Fingerprints identify the user via biometric authentication. Smart card authentication identifies the user through a unique code or PKI certificate contained within the smart card.
Which of the following physical access control methods do not normally identify who has entered a secure area? (Choose two.) A. Mantrap B. Hardware locks C. Fingerprint scan D. Smart card
B. They are faster than wireless networks. C. Cable runs should be installed in conduits. A and D are incorrect. Wireless networks are generally considered to be slower than wired networks. Wired network cables should not be physically exposed because this presents a security risk as well as a potential tripping hazard.
Which of the following statements regarding wired networks are correct? (Choose two.) A. They are slower than wireless networks. B. They are faster than wireless networks. C. Cable runs should be installed in conduits. D. Cable runs should be exposed to facilitate troubleshooting.
D. USB mouse A, B, and C are incorrect. Printers can retain print job information and statistics in volatile or nonvolatile memory. USB flash drives are small and easily stolen or forgotten. User workstations could have sensitive data on their disks, and they can provide access to network resources. Each of these three items must be accounted for when considering physical security.
Which of the following would not be a physical security concern? A. Printer B. USB flash drive C. Workstation D. USB mouse
A. Fail-secure B, C, and D are incorrect. Fault tolerance (sometimes referred to as fail-safe) ensures that a system can continue functioning despite a failure of some type. For example, a server may spread file and error recovery data across multiple disks. In the event of a disk failure, data can be reconstructed from the remaining disks. An uninterruptible power supply (UPS) provides temporary power to devices when a power outage occurs.
While reviewing facility entry points, you decide to replace existing doors with ones that will stay locked during power outages. Which term best describes this feature? A. Fail-secure B. Fault-tolerant C. Fail-safe D. UPS
B. Fail-safe A, C, and D are incorrect. Fail-open would apply if the firewall failed; instead of analyzing traffic to determine whether it is allowed in or out, all network traffic would be free to flow. False positives and false negatives relate to intrusion detection systems (IDSs) or security systems. A false positive occurs when a system reports there is a problem when in fact there is none. A false negative occurs when the IDS fails to detect malicious network traffic.
You are configuring an uninterruptible power supply (UPS) for your three servers such that in the event of a power failure, the servers will shut down gracefully. Which term best describes this configuration? A. Fail-open B. Fail-safe C. False positive D. False negative
C. Closed-circuit sensor A, B, D, and E are incorrect. Wi-Fi Protected Access (WPA) is a wireless security standard. Protected Distribution System (PDS) is a security standard that protects physical cables from tampering. ID badges are used to identify authorized personnel in a facility. Closed-circuit television (CCTV) is a standard security monitoring tool, but it is not the best windows-securing option.
You are considering options for securing the windows in your facility. Which of the following might you consider? A. WPA B. PDS C. Closed-circuit sensor D. ID badge E. CCTV
C. Fences
You are constructing an office location and are working on the plans for the physical security. In highly secure environments, what would your first level of physical security? A. Locked doors B. Server rooms C. Fences D. Doorman
A. Cipher lock B, C, and D are incorrect. The listed items do not meet the client requirement of users knowing an access code. A deadbolt lock requires possession of a key. Although storing sensitive paper documents in a safe is recommended, it is not required for a cipher lock, which requires an access code. Biometric authentication methods such as a unique fingerprint do not require knowledge of an access code.
You are consulting with a client regarding a new facility. Access to the building must be restricted to only those who know an access code. What might you suggest? A. Cipher lock B. Deadbolt lock C. Store the code in a safe D. Biometric authentication
B. Hot & cold aisles
You are the security officer for Company ABC and responsible for designing the security strategy for the company data center. Which of the following controls would you use to ensure the best temperature for all equipment in the data center? A. Class A extinguisher B. Hot & cold aisles C. TEMPEST system D. CCTV E. EMI shielding
D. Fail-secure
You have configured the access control system so that when a locking system on a door fails, it fails to a locked state. This is known as which of the following? A. Fail-open B. Fail-safe C. Fail-save D. Fail-secure
C. Hot & cold aisles
You have configured the data center so that all the racks in each passageway face each other. What is your goal with this configuration? A. Faraday cage B. Fall-safe C. Hot & cold aisles D. Fall-secure
B. Configure emergency lighting.
You have ensured that the pathways to all the exits, entrances, and parking lots have adequate lighting. What else should you consider with regards to lighting? A. Ensure there is a 2-foot dark area between lights B. Configure emergency lighting. C. Ensure there is a 1-foot dark area between lights. D. Schedule the lights to work only during off hours.
A. Air flow D. Humidity E. Power B and C are incorrect. Tape backups provide a copy of important data should server hard disks fail. Backup media stored on-premises should be secured, such as in a locked cabinet or enclosure, or stored in a safe or vault. Server hard disk encryption protects hard disk data should the server hard disks be physically stolen.
You would like to minimize disruption to your IT infrastructure. Which of the following environmental factors should you monitor? (Choose three.) A. Air flow B. Tape backups C. Server hard disk encryption D. Humidity E. Power
B. Purchase a smoke detection waterless fire suppression system. A, C, and D are incorrect. Water sprinkler systems will damage or destroy computer equipment and data and should be avoided when possible. While important, placing a fire extinguisher in the server room is not the only thing you should recommend; water damage devastates computer systems.
Your company has moved to a new location where a server room is being built. The server room currently has a water sprinkler system in case of fire. Regarding fire suppression, what should you suggest? A. Keep the existing water sprinkler system. B. Purchase a smoke detection waterless fire suppression system. C. Keep the existing water sprinkler system and install a raised floor. D. Place a fire extinguisher in the server room.
B. No windows D. A single entrance
Your manager is looking to create a server room to store all the servers, routers, and switches for the company, and he is looking for recommendations. Which of the following are suitable for a server room? (Choose two.) A. Only one window B. No windows C. Two entrances, one exit D. A single entrance E. Two entrances