CISSP - Chapter 4 Physical Security


List 2 Physical construction traits and two Technical controls for Physical Security.
Physical construction of the facility
- Building Structure
- Surroundings

Technical controls
- Proximity devices
- Intrusion detection systems
List three supporting facility controls:
1- Electrical power.
2- Heating, ventilation, and air-conditioning.
3- Fire detection and suppression.
List 5 of 9 threats to Physical Security:
1- Physical damage
2- Theft
3- Interruption of service
4- Unauthorized disclosure of information
5- Natural disasters
6- Fires
7- Vandalism
8- Terrorism
9- Environmental issues
What type of controls make up the 1st line of defense? The last?
Physical security controls make up the first line of defense. People make up the last.
When considering physical security, what are three issues to consider when constructing facility walls?
1- Combustibility of the material
2- Fire rating
3- Reinforcements for secured areas
Besides combustibility and fire ratings, what issues should be considered when constructing facility ceilings?
- Load and weight bearing rating
- Drop ceiling considerations
Besides combustibility and fire ratings, what issues should be considered when constructing facility doors?
- Resistance to forcible entry
- Emergency marking
- Placement
- Alarms
- Directional opening
- Electric door locks reverting to a disabled state in power failures
- Types of glass (shatter or bullet-proof)
- Strike-plates, reinforced doors
- Tamper-resistant hinges
What is the difference between fail-safe and fail-secure for facility doors when the power supply fails?
Fail-safe means the door locks revert to an unlocked state when the power fails.

Fail-secure means they will revert to a locked state when power fails.
What do MTBF and MTTR stand for?
MTBF = Mean Time Between Failure
MTTR = Mean Time To Repair
What is the difference between standby UPS and online UPS?
A standby UPS remains powered off until an electrical failure, then it kicks in to provide backup power to the computing resources. An online UPS is constantly on because the main voltage for the computing resources runs through it at all times.

Remember: UPS are for short-term power. Generators are for long-term emergencies.
What are voltage regulators and line conditioners used for?
They are used to detect and protect against power fluctuations.
What are some common environmental considerations for computer rooms?
- Using antistatic flooring in data centers.
- Ensuring proper humidity.
- Having proper grounding of building and outlets.
- Not having carpeting in data centers.
- Wearing antistatic bands when working on computers.
What is Positive Pressurization and when should it be used?
Positive Pressurization is maintaining a higher air pressure in the computer room so as to avoid contamination from outside air sources.
Name four types of fire detection devices:
1- Smoke-activated
2- Optical (photoelectric)
3- Heat activated
4- Flame activated (infrared detector)
Name the 4 types of fires and the most effective methods for suppressing them:
Type A Fire- Common combustibles like wood products and paper, suppressed with water or soda acid.

Type B Fire- Liquid fires like petroleum products and coolants, suppressed with Gas (Halon), CO2, or soda acid.

Type C Fire- Electrical fires like electrical equipment and wires, suppressed by using Gas (Halon) or CO2.

Type D Fire- Combustible metals like magnesium and sodium, suppressed with dry powders.
Why is Halon being phased out and what is one of its replacements?
Although it suppresses fires by interfering with the chemical reaction, Halon destroys the ozone layer. It is being replaced by other substances like FM-200.
What is the best type of water-based fire suppression (sprinkler) system for data centers?
Pre-action water sprinklers hold water back from the pipes by a valve until a temperature threshold is met, then the pipes are filled with water; however, water is not released until a delay mechanism allows it. This makes it easier to shut down systems and avoids water damage due to false alarms.
Which protects a laptop from theft better: a device lock or encryption?
Define EAC tokens.
EAC tokens are Electronic Access Control tokens and are used to gain physical entrance into a facility. They are usually proximity readers, programmable locks, or biometric systems.
At what angle should the barbed wire at the top of a perimeter fence be set to afford the greatest deterrence to intruders?
45 degrees (outward).
What do security guards have that dogs, CCTVs (closed-circuit TVs) and IDS (intrusion detection systems) do not?
The ability to make discriminating judgements.
Name five technologies used in IDSs (intrusion detection systems):
1- Proximity detection
2- Photoelectric or photometric detection
3- Wave pattern (similar to radar)
4- Passive infrared (change in heat waves)
5- Acoustical-seismic detection systems
Define EMI and RFI:
EMI = Electromagnetic Interference.

RFI = Radio Frequency Interference.

