3.1 Physical Threats
Which option is a benefit of CCTV?
Expand the area visible by security guards
Turstile
A barrier that permits entry in only one direction.
Double-entry door
A double-entry door has two doors that are locked from the outside but have crash bars on the inside that allow easy exit.
Access list
A list of personnel who are authorized to enter a secure facility
Doors
A mantrap is a specialized entrance with two doors that create a security buffer zone between two areas. Once a person enters into the space between the doors, both doors are locked. To enter the facility, authentication must be provided. Authentication may include visual identification and identification credentials. Mantraps should permit only a single person to enter. The person must provide authentication. If authentication is not provided, the intruder is kept in the mantrap until authorities arrive. A turnstile is a barrier that permits entry in only one direction. Physical turnstiles are often used to control entry for large events such as concerts and sporting events. Optical turnstiles use sensors and alarms to control entry. Turnstiles are often used to permit easy exit from a secure area. Entry is controlled through a mantrap or other system that requires authentication for entry. A double-entry door has two doors that are locked from the outside but have crash bars on the inside that allow easy exit. Double-entry doors are typically used only for emergency exits and alarms sound when the doors are opened.
Mantrap
A specialized entrance with two locking doors that create a security buffer zone between two areas.
Smart card
Access cards that have encrypted access information. Smart cards can be contactless or require contact.
Control Measures
As you implement physical security, be sure to keep the safety of employees and visitors in mind. Consider the importance of the following actions: Implement adequate lighting in parking lots and around employee entrances. Implement emergency lighting that runs on protected power and automatically switches on when the main power goes off. Implement fail-open locking systems that allow employees to exit your facility quickly in the event of an emergency. Devise escape plans that utilize the best escape routes for each area in your organization. Post these escape plans in prominent locations. Conduct emergency drills to verify that the physical safety and security measures you have implemented function correctly.
If a fingerprint or retina scan is required to open a secured door, which kind of physical security has been implemented?
Biometric locks
Biometric Locks
Biometric locks increase security by using fingerprints or iris scans. They reduce the threat from lost keys or cards.
Bollard
Bollards are short, sturdy posts used to prevent a vehicle from crashing into a secure area.
Closed-Circuit Television (CCTV)
Closed-circuit television can be used as both a preventative tool (when monitoring live events) or as an investigative tool (when events are recorded for later playback). Camera types include: A bullet camera, which has a built-in lens. It is long and round in shape. Most bullet cameras can be used indoors or outdoors. A c-mount camera, which has interchangeable lenses. It is typically rectangle in shape with the lens on the end. Most c-mount cameras require a special housing to be used outdoors. A dome camera, which is a camera protected with a plastic or glass dome. These cameras are more vandal-resistant than other cameras. A pan tilt zoom (PTZ) camera, which lets you dynamically move the camera and zoom in on specific areas. Cameras without PTZ capabilities are manually set looking toward a specific direction. Automatic PTZ mode automatically moves the camera between several preset locations. A manual PTZ lets an operator remotely control the position of the camera. When selecting cameras, be aware of the following characteristics: The focal length measures the magnification power of a lens. The focal length controls the distance that the camera can see, as well as how much detail can be seen at a specific range. The focal length is expressed in millimeters (mm). A higher focal length lets you see more detail at a greater distance. Most cameras have a 4 mm lens with a range of 30-35 feet. This allows you to see facial features at that distance. A fixed lens camera has a set focal length. A varifocal camera lens lets you adjust the focus (zoom). A 70-degree view angle is the largest view angle possible without distorting the image. The resolution is rated in the number of lines (such as 400) included in the image. In general, the higher the resolution, the sharper the image. LUX is a measure of the sensitivity to light. The lower the number, the less light is necessary for a clear image. Infrared cameras can record images in little or no light. Infrared cameras have a range of about 25 feet in no light and further in dimly-lit areas. When CCTV is used in a preventative way, you must have a guard or other person who monitors one or more cameras in real time. The cameras effectively expand the area that can be monitored by the guard. Cameras can only detect security breaches. Guards can prevent and react to security breaches.
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
Deploy a mantrap
Detection
Detection is identifying that a security breach has happened or is happening.
Door locks
Door locks allow access only to people with the proper key. Lock types include: Pick-resistant locks with restricted key duplication are the most secure key lock. It is important to note that all traditional key locks are vulnerable to lock-picking (shimming). Keypad locks require knowledge of a code and reduce the threat from lost keys and cards. Clean keypads frequently to remove indications of buttons used. Smart cards have the ability to encrypt access information. Smart cards can be contact or contactless. Contactless smart cards use the 13.56 MHz frequency to communicate with proximity readers. A smart card can communicate a great deal of information. Proximity cards, also known as radio frequency identification (RFID) cards, are a subset of smart cards that use the 125 kHz frequency to communicate with proximity readers. Proximity cards differ from smart cards because they are designed to communicate only the card's identity. Biometric locks increase security by using fingerprints or iris scans. They reduce the threat from lost keys or cards.
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? (Select two.)
Double-entry door Turnstile
Which of the following are solutions that address physical security? (Select two.)
Escort visitors at all times Require identification and name badges for all employees
Which of the following controls is an example of a physical access control method?
Locks on doors
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose?
PTZ
Physical access controls
Physical access controls can be implemented inside the facility. Physical controls can include key fobs, swipe cards, or badges. To control access to sensitive areas within the facility, require a card swipe or reader. Some systems can track personnel movement within a facility and proactively lock or unlock doors based on the access token device. An anti-passback system prevents a card holder from passing their card back to someone else. Physical controls are often implemented along with sensors and alarms to detect unauthorized access. Photoelectric sensors detect motion and are best suited to detect a perimeter breach rather than interior motion detection. Wave pattern, heat sensing, and ultrasonic sensors are better suited for interior motion detection than perimeter breach detection.
Physical access logs
Physical access logs are implemented by the guards of a facility and require everyone gaining access to the facility to sign in.
Physical security
Physical security is the protection of corporate assets from threats such as unauthorized entry, theft or damage.
Physical Security
Physical security is the protection of corporate assets from threats, such as theft or damage. There are three factors to keep in mind with physical security: prevention, detection, and recovery. Prevention is making the location less tempting to break into. Detection is identifying what was broken into, what is missing, and the extent of the damage. Recovery is the review of the physical security procedures, repairing any damage, and hardening the physical security of the company against future problems. Important aspects of physical security include: Restricting physical access to facilities and computer systems. Preventing interruptions of computer services caused by problems such as loss of power or fire. Preventing unauthorized disclosure of information. Disposing of sensitive material. Protecting the interior and exterior of your facility.
Defense in Depth
Physical security should deploy in the following sequence. If a step in the sequence fails, the next step should implement itself automatically. Deter initial access attempts Deny direct physical access Detect the intrusion Delay the violator to allow for response When designing physical security, implement a layered defense system. Defense in depth is a process in which controls are implemented in layers to ensure that defeating one level of security does not allow an attacker subsequent access. Using multiple types of security controls within the same layer further enhances security. Tips for implementing a multi-layered defense system include: Protect entry points with a card access system, or some other type of control, as well as a security camera. Use a reception area to prevent the public, visitors, or contractors from entering secure areas of the building without an escort. Use the card access or other system to block access to elevators and stairwells. This prevents someone who successfully tailgates from gaining further access. Use a variety of access systems such as key locks, keypad locks, or biometric controls to secure offices or other sensitive areas. Implement security within offices and data centers using locking storage areas and computer passwords. Perform physical security inspections quarterly. Violations should be addressed in a formal manner, with warnings and penalties imposed.
Prevention
Prevention is taking the steps necessary to avert unauthorized access, theft, damage, or other type of security breach.
Proximity card
Proximity cards, also known as radio frequency identification (RFID) cards, are a subset of smart cards that use the 125 kHz frequency to communicate with proximity readers.
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring?
Recovery
Recovery
Recovery is the process of returning a system to a functional state and repairing any damage.
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Smart card
Perimeter barriers
The first measure in physically securing a building is to secure the perimeter and restrict access to secure entry points. Methods for securing the perimeter are explained in the following list. Fences provide an environmental barrier that prevents easy access to the facility. A low fence (3-4 feet) acts as a deterrent to casual intrusion. A higher fence (6-7 feet) acts as a deterrent unless the trespasser has a specific intent to violate security. A fence 8 feet or higher topped with barbed wire is an effective deterrent. Barricades can be erected to prevent vehicles from approaching the facility. Bollards are short, sturdy posts used to prevent a car from crashing into a secure area. Signs should be posted to inform individuals that they are entering a secured area. Guard dogs are generally highly reliable, but are appropriate only for physical perimeter security. They can be expensive to keep and maintain. Their use might raise issues of liability and insurance. Lighting deters casual intruders, helps guards see intruders, and is necessary for most cameras to monitor the area. To be effective, lights should be placed to eliminate shadows or dark spots. Security guards offer the best protection for perimeter security because they can actively respond to a variety of threat situations. Security guards can also reference an access list tht explicitly lists who can enter a secure facility. However, guards are expensive, require training, and can be unreliable or inconsistent.