Exam Essentials
Exam Essentials
Be able to describe the various aspects of physical security. Physical security involves mechanisms to provide access control, physical barriers, and authentication systems such as biometric systems.
Be able to describe the types of access control
methods used in physical security. The primary methods of access control include perimeter security, security zones, physical barriers, and identification systems. These systems, when implemented inlayers , make it harder for an intruder to gain access. Physical access methods should also include intrusion detection systems such as video surveillance in order to monitor the activities when they occur. This helps security professionals manage the threat and make changes when necessary.Be able to describe the process of social engineering. Social engineering occurs when an unauthorized individual uses human or nontechnical methods to gain information or access to security information. Individuals in an organization should be trained to watch for these types of attempts, and they should report them to security professionals when they occur.
Be able to discuss the various aspects of environmental systems and functions. Environmental systems include heating, air conditioning, humidity control, fire suppression, and power systems. All of these functions are critical to a well-designed physical plant.
Be able to describe the purposes of shielding in the environment. Shielding primarily
prevents interference from EMI and RFI sources. Most shielding is attached to an effective ground, therebyneutralizing or reducing interference susceptibility.Be able to describe the types of fire suppression systems in use today. Fire suppression systems are usually either fixed or portable. Portable systems usually are fire extinguishers. Fixed systems are part of the building, and they are usually water-based or gas-based. Gas-based systems are usually found only in computer rooms or other locations where water- based systems would cause more damage than is warranted. Gas systems work only in environments where airflow can be limited. Gas systems remove
oxygen from the fire, causing the fire to go out. Water systems usually remove heat from a fire,causing the fire to go out.
Key Terms
Before you take the exam, be certain you are familiar with the following terms:
|
access control |
Electromagnetic Interference (EMI) |
|
|
fire suppression |
|
backup power |
full distribution |
|
Bell La-Padula model |
information classification |
|
Biba model |
Information Flow model |
|
Business Continuity Planning (BCP) |
internal information |
|
Business Impact Analysis (BIA) |
ISO 17799 |
|
Clark-Wilson model |
limited distribution |
|
Critical Business Functions (CBF) |
mantrap |
|
custodian |
need-to-know basis |
|
Noninterference model |
Radio Frequency Interference (RFI) |
|
owner |
restricted information |
|
partitioning |
risk analysis |
|
perimeter security |
risk assessment |
|
physical barriers |
security professionals |
|
policies |
security zone |
|
power conditioners |
spikes |
|
power systems |
surge protectors |
|
private information |
Uninterruptible Power Supply (UPS) |
|
public information |
|
user
Review Questions
|
1. |
The component of physical security that addresses outer-level access control is called what?
|
|
|
2. |
Which of the following categories of fire extinguisher are intended for electrical fires?
|
|
|
3. |
Which of the following will not reduce EMI?
|
|
|
4. |
Which access method breaks a large area into smaller areas that can be
|
|
|
5. |
Which of the following is equivalent to building walls in an office building from a network perspective?
|
|
|
6. |
The process of preventing access to computer systems in a building is called what?
|
|
|
7. |
Which of the following is an example of perimeter security?
|
|
|
8. |
Which of following best describes a motion detector mounted in the corner of a hallway?
|
|
|
9. |
What is the technology that uses a physical characteristic to establish identity called?
|
|
|
10. |
An attack that attempts to use human shortcomings, as opposed to technological
|
|
|
11. |
Wireless
|
|
|
12. |
GSM is an example of which technology?
|
|
|
13. |
The process of reducing or eliminating susceptibility to outside interference is called what?
|
|
|
14. |
Which certification is used to
|
|
|
15. |
Which
|
|
|
16. |
Which fire suppression system works best when used in an
|
|
|
17. |
The CBF identifies which aspects of a business?
|
|
|
18. |
Which documents identify the methods used to accomplish a given task?
|
|
|
19. |
Which classification of information designates that information can be released on a restricted basis to outside organizations?
|
|
|
20. |
Which information access control prevents users from writing information down to the lower level of security and
|
|
Answers
|
1. |
A. The first layer of access control is perimeter security. Perimeter security is intended to delay or
|
|
2. |
C. Type C fire extinguishers are intended for use in electrical fires. |
|
3. |
B. EMI is caused by electrical devices, such as motors, that generate magnetic fields. Humidity control will not address EMI. |
|
4. |
A. A security zone is a smaller part of a larger area. Security zones can be monitored individually if needed. Answers B, C, and D are examples of security zones. |
|
5. |
B. Partitioning is the process of breaking a network into smaller
|
|
6. |
B. Access control is the primary process of preventing access to physical systems. Answers A and B are part of the access control process. |
|
7. |
A. Perimeter security involves creating a perimeter or outer boundary for the physical space. Video surveillance systems would not be
|
|
8. |
C. A security zone is an area that is a smaller component of the entire facility. Security zones allow intrusions to be
|
|
9. |
A. Biometrics is a technology that uses personal characteristics, such as a retinal pattern or
|
|
10. |
A. Social engineering uses the inherent trust in the human species, as opposed to technology, to gain access to your environment. |
|
11. |
A. Wireless cell systems are primarily line-of-site communication systems. These systems use the microwave
|
|
12. |
D. Global System for Mobile Communications (GSM) is the newest standard for cellular communications. GSM promises to provide encryption, as well as international usability. |
|
13. |
A. Shielding keeps external electronic signals from disrupting operations. |
|
14. |
D. TEMPEST is the certification given to electronic devices that emit minimal RF emissions. The TEMPEST certification is very difficult to acquire, and it significantly
|
|
15. |
A. Receivers tend to desensitize when they are exposed to strong RF signals. This makes the receiver in the WAP seemingly go deaf to normal-strength signals. |
|
16. |
A. Gas-based systems work by displacing the air around a fire. This eliminates one of the three necessary components of a fire. |
|
17. |
C. The critical business functions are those functions that must be established as soon as possible for the business to succeed. |
|
18. |
C. Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than policies or standards. |
|
19. |
D. Limited distribution information can be released to select individuals and organizations, such as financial institutions, governmental agencies, and creditors. |
|
20. |
A. The Bell La-Padula model is intended to protect confidentiality of information. This is accomplished by prohibiting users from reading above their security level and keeps them from writing below their security level. |
Similar products
- Special Edition Using Crystal Reports 10
Crystal subreport nesting - Java EE and. Net Interoperability(c) Integration Strategies, Patterns, and Best Practices
C%23+explicit+escalating+transaction+to+dtc+-transactionscope - 3D Game Programming All in One
3d game programming + animation - JavaScript. The Definitive Guide
Readonly +javascript