Chapter 4 - Physical Security
How high should shrubs be? A. 18-24 inches B. 25-38 inches C. 36-42 inches D. none of the above
A. 18-24 inches
While guards and dogs are both good for physical security, which of the following more commonly applies to dogs? A. Liability B. Discernment C. Dual role D. Multifunction
A. Liability
During an assessment, you discovered that the target company was using a fax machine. Which of the following is the least important? A. The phone number is publicly available B. The fax machine is in an open, unsecured area C. Faxes frequently sit in the printer tray D. The fax machine uses a ribbon
A. The phone number is publicly available
Any opening 18 feet or less above the ground should be considered easy access and should be secured if greater than 96 inches. A. True B. False
A. True
In the field of IT security, the concept of defense in depth is layering more than one control on another. A. True B. False
A. True
Name 4 configurations of authentication tokens.
Active electronic; electronic circuit; magnetic stripe; magnetic strip; contactless cards
The process of sniffing network traffic when a switch is involved; splits network into different logical collision domains; relies on injecting packets into network, causing traffic that should not be sent to your system to be sent to your system.
Active sniffing
A datacenter should have no more than __________ door(s). A. 1 B. 2 C. 3 D. 4
B. 2
Datacenters can be located on any floor in a building. A. True B. False
B. False
Information is easily recovered if sanitization was performed. A. True B. False
B. False
Physical security is less important than logical security. A. True B. False
B. False
Sniffing is restricted to wired networks. A. True B. False
B. False
Which type of biometric system is frequently found on laptops? A. Retina B. Finger scan C. Iris D. Voice recognition
B. Finger scan
Authentication that is based on a behavioral or psychological characteristic that is unique to an individual.
Biometrics
A short-range communication technology is __________.
Bluetooth
A device that prevents entry into designated areas by motor vehicle traffic; prevents ram-raiding; they may not always be visible.
Bollard
A(n) __________ is used to prevent cars from ramming a building.
Bollard
Name the 3 layers of physical defense.
Building perimeter; building exterior; interior controls
How is a biometric device measured?
By the percentage of Type 1 and Type 2 errors it produces.
Hedges should be cut A. 1 inch below the level of the windows B. 3 inches below the level of the windows C. 6 inches below the level of the windows D. does not matter
C. 6 inches below the level of the windows
Allows an individual to send unsolicited messages over Bluetooth to other Bluetooth devices. A. Bluesmirking B. Bluesmurfing C. Bluejacking D. Bluejumping
C. Bluejacking
What is a common physical control that can be used as both a detective and reactive tool? A. A fence B. An alarm C. CCTV D. A lock
C. CCTV
What grade of lock would be appropriate to protect a critical business asset? A. Grade 4 B. Grade 2 C. Grade 1 D. Grade 3
C. Grade 1
Which of the following is the best choice for showing the flow of human traffic into areas or ensuring that individuals are properly screened and authenticated prior to entering an area? A. Steel door B. Bollard C. Turnstile D. Warning sign
C. Turnstile
Classification of gates that uses somewhat heavier construction and falls in the range of 3-4 feet in height
Commercial or Class 2
What is the most common type of lighting used as a personal safety control?
Continuous
What do lock pick sets typically contain at a minimum? A. Tension wrenches and drivers B. A pick C. A pick and a driver D. A pick and a tension wrench
D. A pick and a tension wrench
A Type 2 error is also known as what? A. False rejection rate B. Failure rate C. Crossover error rate D. False acceptance rate
D. False acceptance rate
What defines the camera's effectiveness in viewing objects from a horizontal and vertical view? A. Granularity B. Ability to zoom C. Field of view D. Focal length
D. Focal length
What is an intrusion detection system used exclusively in conjunction with fences? A. Infrared wave pattern B. Motion detector C. RFID D. PIDAS
D. PIDAS
Process that permanently destroys the contents of the hard drive or magnetic media, cannot be reused.
Degaussing
Name 5 facility controls.
Doors, mantraps, & turnstiles; walls, ceilings, floors; windows; guards & dogs; construction
Process of overwriting all information on drive and allows for drive to be reused.
Drive wiping
Name 3 methods of sanitization.
Drive wiping, zeroization, degaussing
Name four categories of WLAN attacks.
Eavesdropping; open authentication; rogue access points; denial of service
Provides physical and psychological barrier, should be 8 feet long or greater to deter.
Fences
Name 6 types of physical control measures.
Fences, gates, bollards, perimeter intrusion detection system (PIDS), warning signs & notices, trees & foliage
Name 7 common types of biometric systems.
Finger scan; hand geometry; palm scan; retina pattern; iris recognition; voice recognition; keyboard dynamics
Applying encryption to an entire disk is known as ____________.
Full disk encryption or full volume encryption
Chokepoint or point where all traffic must enter and exit the facility.
Gates
Which lock grade gives the highest security?
Grade 1
Which lock grade has the weakest design?
Grade 3
Classification of gates that are in the range of 6-7 feet in height and are of heavier construction, including chain link communication.
Industrial or Class 3
What is PBX used for?
Intraoffice phone exchange
Name 3 personal safety controls.
Lighting, alarms, CCTV
Name 4 physical access controls.
Locks, tokens, biometrics, ID badges
A structure that replaces a normal single door with a phone-booth sized object with a door on each side; allows enough room for one person; only one door opens at a time.
Mantrap
Name two types of locks.
Mechanical and cipher
What are two of the issues with lighting?
Overlap and glare
System that uses sensors that detect intrusion.
PIDAS (perimeter intrusion & detection assessment system)
Relies on a feature of the network card called "promiscuous" mode; it does not transmit data on the network and is hard to detect; used on networks with a hub.
Passive sniffing
Name 4 basic equipment controls.
Passwords, Password screen savers & session controls, hard drive & mobile device encryption, fax machines & public branch exchanges (PBX)
PIDAS stands for __________.
Perimeter intrusion and detection assessment system
Individuals that target telecommunication systems are known as __________.
Phreakers
Mantraps stop __________.
Piggybacking
Name 3 software programs that can be used to lock files and folders.
Pretty Good Privacy (PGP), TrueCrypt, Bitlocker
PBX stands for ___________.
Private Branch Exchange
Classification of gates that refers to gates as ornamental
Residential or Class 1
Name the 4 classifications of gates.
Residential or Class 1; Commercial or Class 2; Industrial or Class 3; Restricted Access or Class 4
Classification of gates that meet or exceed a height of 8 feet and are of heavier construction
Restricted Access or Class 4
This is used to intercept network traffic and launch a man-in-the-middle attack.
Rogue access point
Process of clearing all identified content so no data remnants can be recovered.
Sanitization
A technique where tension is held on a lock with a tension wrench while the pins are scraped quickly, placing the pins in a mechanical bind.
Scraping
Hardware or software-based device that has the ability to observe traffic on a network and help a network administrator or an attacker construct what is happening on the network.
Sniffing
What type of doors should businesses consider, especially for server rooms and other critical assets?
Solid core
What two components are used to pick locks?
Tension wrench and picks
Name 5 human threats.
Theft; vandalism; destruction; terrorism; accidental
This control can be used to slow the flow of traffic into areas or ensure that individuals are properly screened & authenticated prior to entering a room.
Turnstile
This biometric error is a measurement of the percentage of individuals who should have been granted access, but were not allowed access.
Type 1
This biometric type of error is reflected by a false rejection rate (FRR).
Type 1 (False Rejections)
This biometric error is a measurement of the percentage of individuals who have gained access, but should not have been granted such.
Type 2
This biometric type of error is reflected by a false acceptance rate (FAR).
Type 2 (False Acceptance)
__________ allows for the placing of telephone calls over computer networks and the Internet.
VoIP
VoIP stands for __________.
Voice over IP
Which lock is the easiest to pick?
Warded
What point of a structure is usually the first to be attacked?
Weakest
Process usually associated with cryptographic processes, device is reset to zero to prevent anyone from recovering key.
Zeroization