CIST 1601 Chapter 4


4.1.5 Physical Threats


4.2.4 Device Protection


4.3.3 Network Infrastructure Protection


4.4.5 Environmental Controls


What is the recommended humidity level for server rooms? O 10% or lower O 30% O 50% O 70% or higher

50%

You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions? O 500 resolution, 50mm, .05 LUX O 500 resolution, 50mm, 2 LUX O 400 resolution, 10mm, 2 LUX O 400 resolution, 10mm, .05 LUX

500 resolution, 50mm, .05 LUX

Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems? O Add a de-humidifier to the server room O Add line conditioners in the server room O Add a humidifier to the server room O Add a separate A/C unit in the server room

Add a separate A/C unit in the server room

Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components? O Soda acid O Carbon dioxide (CO2) O Dry powder O Water-based

Carbon dioxide (CO2)

Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components? O Class A O Class B O Class C O Class D

Class C (they use CO2 or Halon to remove oxygen from the fire)

An attacker is using an eavesdropping technique called Van Eck phreaking on a networking closet. Which of the following describes what the attacker is doing? O Connecting to an open switch port O Connecting to an open Ethernet port O Collecting electronic emissions O Capturing data transmissions

Collecting electronic emissions

One of the ways attackers can access unencrypted data being transmitted on your network is by collecting electronic emissions that come from your networking closet or Ethernet cables. Which of the following solutions could bog down the infrastructure? O Employing a protective distribution system, or PDS O Place your network closet inside a Faraday cage O Use Ethernet port locking devices O Configure all data transmissions to be encrypted

Configure all data transmissions to be encrypted

Which of the following controls is an example of a physical access control method? O Passwords O Smart cards O Locks on doors O Hiring background checks O Access control lists with permissions

Locks on doors

Which of the following is the most important thing to do to prevent console access to the router? O Keep the router in a locked room O Set console and enable secret passwords O Disconnect the console cable when not in use O Implement an access list to prevent console connections

Keep the router in a locked room

Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry? O Use weight scales O Deploy a mantrap O Use key locks rather than electronic locks O Install security cameras

Deploy a mantrap (single person room with two doors)

You are about to enter your office building through a back entrance. A man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do? -Direct him to the front entrance and instruct him to check in with the receptionist. -Let him in. -Tell him no and quickly close the door. -Let him in and help him find the restroom, then let him work.

Direct him to the front entrance and instruct him to check in with the receptionist.

Which of the following statements about ESD is NOT correct? O ESD is much more likely to occur when the relative humidity is above 50%. O One of the greatest threats to computer equipment is ESD. O Measuring the moisture content in the air can be helpful in avoiding ESD. O ESD damage is more likely to occur in low humidity.

ESD is much more likely to occur when the relative humidity is above 50%.

Physical security is an obvious requirement for network security, but it is often easy to overlook or forget to plan for it. Which of the following is NOT a benefit of physical security? O Network resources are safer from natural disasters. O Untrained employees cannot misuse equipment. O Sensitive data is protected from unauthorized access. O Employee passwords are stronger. O Terrorists cannot walk in off the street and change the network configuration.

Employee passwords are stronger.

What is the primary benefit of CCTV? O Expand the area visible by security guards O Increase security protection throughout an environment O Reduce the need for locks and sensors on doors O Provide a corrective control

Expand the area visible by security guards

Match each physical security control on the left with an appropriate example of that control on the right. Each security control may be used once, more than once, or not at all.
Controls: O Perimeter barrier O Door locks O Physical access control O Safety O Protected cable distribution
Examples: Hardened carrier; Biometric authentication; Barricades; Emergency escape plans; Alarmed carrier; Anti-passback system; Emergency lighting; Exterior floodlights

Hardened carrier: Protected cable distribution
Biometric authentication: Door locks
Barricades: Perimeter barrier
Emergency escape plans: Safety
Alarmed carrier: Protected cable distribution
Anti-passback system: Physical access control
Emergency lighting: Safety
Exterior floodlights: Perimeter barrier

To keep your data center safe, you have done the following: • Restricted physical access to employees who strictly need to get in the data center. • Required employees to enter a password using a pin pad to enter the data center. • Deployed a Faraday cage to keep sensitive network devices safe from external electrical fields. Which of the following measures will NOT improve physical security in the data center? O Implement a checkout policy. O Set up video surveillance in the data center. O Grant employee access to hardware on a need to know basis. O Place all servers in secured cabinets.

Implement a checkout policy. (It ensures that company-owned hardware does not leave the org. premises without a manager's approval, but hardware in the data center should never be allowed to leave the building.)

You are an IT consultant. You are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area, where the office manager sits. • The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. • She informs you that server backups are configured to run each night. A rotation of tapes is used as the backup media. • You notice the organization's network switch is kept in the server closet. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. • The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You take the workstation back to your office to work on it. What security related recommendations should you make to this client? O Replace the tape drive used for backups with external USB hard disks. O Keep the network infrastructure devices (switch and all-in-one device) in a locked room separate from network servers. O Implement a hardware checkout policy. O Upgrade the server closet lock to a biometric authentication system.

Implement a hardware checkout policy.

You walk by the server room and notice that a fire has started. What should you do first? O Grab a fire extinguisher and try to put out the fire. O Turn on the overhead sprinklers. O Call the fire department. O Make sure everyone has cleared the area.

Make sure everyone has cleared the area.

Which of the following is not an example of a physical barrier access control mechanism? O Fences O Mantrap O One-time passwords O Biometric locks

One-time passwords

You want to use CCTV to increase your physical security. You want the ability to remotely control the camera position. Which camera type should you choose? O Dome O PTZ O Bullet O C-mount

PTZ (pan-tilt-zoom)

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting network availability. Which of the following should you implement? O Negative pressure system O Line conditioner O Backup generator O Positive pressure system O UPS

Positive pressure system (it protects air quality in the area and forces air out of doors)

Which of the following is the LEAST effective power loss protection for computer systems? O Backup power generator O Uninterruptible power supply O Secondary power source O Surge protector

Surge protector

A malicious user in your organization was able to use the Trinity Rescue Kit to change the password on a department manager's computer in the finance department. The user was able to copy data containing bank account information and social security numbers. The user then destroyed the data by resetting the computer. The department manager was at lunch at the time and had enabled the lock screen to require a password to gain access to the computer. Which additional measure should the manager have taken to prevent data theft? O The data should have been backed up so it could be restored after it was destroyed. O The sensitive data on the computer should have been encrypted. O The computer should have been kept in a physically secure location. O The computer should have been bolted to the desk.

The computer should have been kept in a physically secure location.

Which option is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment while actively preventing re-entrance through the exit portal? O Electronic access control doors O Egress mantraps O Locked doors with interior unlock push bars O Turnstiles

Turnstiles

Which of the following CCTV camera types lets you adjust the distance that the camera can see (in other words, zoom in or out)? O Varifocal O Infrared O C-mount O Fixed

Varifocal (these cameras let you adjust the focus, or zoom)

Your company has five salesmen who work out of the office and frequently leave their laptops lying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns? O Encrypt all company data on the hard drives O Require strong passwords in the local security policy O Implement screen saver passwords O Use cable locks to chain the laptops to the desks

Use cable locks to chain the laptops to the desks

Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two.) ☐ CO2 ☐ Halon ☐ Foam ☐ Water

☐ CO2 ☐ Halon

You are an IT consultant. You are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: • When you enter the facility, a receptionist greets you and directs you down the hallway to the office manager's cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock. • The office manager informs you that the organization's servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access the closet. • She informs you that server backups are configured to run each night. A rotation of external USB hard disks is used as the backup media. • You notice that the organization's network switch is kept in an empty cubicle adjacent to the office manager's workspace. • You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. Which security related recommendations should you make to this client? (Select two.) ☐ Use separate dedicated network perimeter security devices instead of an all-in-one device ☐ Replace the key lock on the server closet with a card reader ☐ Replace the USB hard disks used for server backups with a tape drive ☐ Control access to the work area with locking doors and card readers ☐ Relocate the switch to the locked server closet

☐ Control access to the work area with locking doors and card readers ☐ Relocate the switch to the locked server closet

Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.) ☐ Double-entry door ☐ Turnstile ☐ PTZ CCTV ☐ Anti-passback system ☐ Mantrap

☐ Double-entry door ☐ Turnstile

Which of the following are solutions that address physical security? (Select two.) ☐ Implement complex passwords ☐ Escort visitors at all times ☐ Require identification and name badges for all employees ☐ Scan all floppy disks before use ☐ Disable guest accounts on computers

☐ Escort visitors at all times ☐ Require identification and name badges for all employees

Your networking closet contains your network routers, switches, bridges, and some servers. You want to make sure an attacker is not able to gain physical access to the equipment in the networking closet and prevent anyone from re-configuring the network to set up remote access or backdoor access. Which of the following measures are the best way to secure your networking equipment from unauthorized physical access? (Select two. Each measure is part of a complete solution.) ☐ Place your networking equipment in a Faraday cage. ☐ Place your networking equipment in a locked cage. ☐ Place your networking equipment in a Van Eck cage. ☐ Place your networking equipment in a room that requires key card entry. ☐ Place your networking equipment in a TEMPEST cage.

☐ Place your networking equipment in a locked cage. ☐ Place your networking equipment in a room that requires key card entry.

Besides protecting a computer from under voltages, a typical UPS also performs which two actions? ☐ Prevents electric shock ☐ Prevents ESD ☐ Protects from over voltages ☐ Conditions the power signal

☐ Protects from over voltages ☐ Conditions the power signal

