physical and environmental security - olympic...
TRANSCRIPT
![Page 1: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/1.jpg)
Physical and Environmental
Security
CISSP Guide to Security Essentials
Chapter 8
![Page 2: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/2.jpg)
CISSP Guide to Security Essentials 2
Objectives
• Site access controls including key card
access systems, biometrics, video
surveillance, fences and walls, notices,
and exterior lighting
• Secure siting: identifying and avoiding
threats and risks associated with a
building site
![Page 3: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/3.jpg)
CISSP Guide to Security Essentials 3
Objectives (cont.)
• Equipment protection from theft and
damage
• Environmental controls including HVAC
and backup power
![Page 4: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/4.jpg)
CISSP Guide to Security Essentials 4
Site Access Controls
• Key cards– Centralized access control consists of
card readers, central computer, and
electronic door latches
Photo by IEI Inc.
![Page 5: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/5.jpg)
CISSP Guide to Security Essentials 5
Site Access Controls (cont.)
• Key cards (cont.)– Pros: easy to use, provides
an audit record, easy to change
access permissions
– Cons: can be used by others if lost
Photo by IEI Inc.
![Page 6: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/6.jpg)
CISSP Guide to Security Essentials 6
Biometric Access Controls
• Based upon a specific
biometric measurement
• Greater confidence of
claimed identity– Fingerprint, iris scan, retina
scan, hand scan, voice, facial
recognition, othersPhoto by Ingersoll-Rand Corporation
![Page 7: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/7.jpg)
CISSP Guide to Security Essentials 7
Biometric Access Controls (cont.)
• More costly than key
card alone
Photo by Ingersoll-Rand Corporation
![Page 8: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/8.jpg)
CISSP Guide to Security Essentials 8
Metal Keys
• Pros: suitable backup when a key
card system fails
• Uses in limited areas such as
cabinets– Best to use within keycard access
areas
![Page 9: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/9.jpg)
CISSP Guide to Security Essentials 9
Metal Keys (cont.)
• Cons– Easily copied, cannot tell who
used a key to enter
![Page 10: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/10.jpg)
CISSP Guide to Security Essentials 10
Man Trap
• Double doors, where only one can
be opened at a time
• Used to control personnel access
• Manually operated or automatic
• Only room for one person
![Page 11: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/11.jpg)
CISSP Guide to Security Essentials 11
Guards
• Trained personnel with a variety of duties:– Checking employee identification, handling visitors,
checking parcels and incoming/outgoing equipment,
manage deliveries, apprehend suspicious persons,
call additional security personnel or law
enforcement, assist persons as needed
– Advantages: flexible, employ judgment, mobile
![Page 12: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/12.jpg)
CISSP Guide to Security Essentials 12
Guard Dogs
• Serve as detective, preventive, and
deterrent controls
• Apprehend suspects
• Detect substances
![Page 13: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/13.jpg)
CISSP Guide to Security Essentials 13
Access Logs
• Record of events– Personnel entrance and exit
– Visitors
– Vehicles
– Packages
– Equipment
![Page 14: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/14.jpg)
CISSP Guide to Security Essentials 14
Fences and Walls
• Effective preventive and deterrent control
• Keep unwanted persons from accessing
specific areas
Height Effectiveness
3-4 ft Deters casual trespassers
6-7 ft Too difficult to climb easily
8 ft plus 3 strands of
barbed or razor wire
Deters determined
trespassers
![Page 15: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/15.jpg)
CISSP Guide to Security Essentials 15
Video Surveillance
• Supplements security guards
• Provide points of view not easily achieved
with guards
![Page 16: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/16.jpg)
CISSP Guide to Security Essentials 16
Video Surveillance (cont.)
• Locations– Entrances
– Exits
– Loading bays
– Stairwells
– Refuse collection areas
![Page 17: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/17.jpg)
CISSP Guide to Security Essentials 17
Video Surveillance (cont.)
• Camera types– CCTV, IP wired, IP
wireless
– Night vision
– Fixed, Pan / tilt / zoom
– Hidden / disguised
![Page 18: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/18.jpg)
CISSP Guide to Security Essentials 18
Video Surveillance (cont.)
• Recording
capabilities– None; motion-activated;
periodic still images;
continuous
![Page 19: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/19.jpg)
CISSP Guide to Security Essentials 19
Intrusion, Motion, and
Alarm Systems
• Automatic detection of intruders
• Central controller and remote sensors– Door and window sensors
– Motion sensors
– Glass break sensors
![Page 20: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/20.jpg)
CISSP Guide to Security Essentials 20
Intrusion, Motion, and
Alarm Systems (cont.)
• Alarming and alerting– Audible alarms
– Alert to central monitoring center or
law enforcement
![Page 21: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/21.jpg)
CISSP Guide to Security Essentials 21
Visible Notices
• No Trespassing signs
• Surveillance notices– Sometimes required by law
• Surveillance monitors
![Page 22: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/22.jpg)
CISSP Guide to Security Essentials 22
Exterior Lighting
• Discourage intruders during nighttime
hours, by lighting intruders’ actions so
that others will call authorities
• NIST standards require 2 foot-candles
of power to a height of 8 ft
![Page 23: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/23.jpg)
CISSP Guide to Security Essentials 23
Other Physical Controls
• Bollards
• Crash gates– Prevent vehicle entry
– Retractable
![Page 24: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/24.jpg)
CISSP Guide to Security Essentials 24
Secure Siting
• Locating a business at a site that is
reasonably free from hazards that could
threaten ongoing operations
![Page 25: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/25.jpg)
CISSP Guide to Security Essentials 25
Secure Siting (cont.)
• Identify threats– Natural: flooding, landslides, earthquakes,
volcanoes, waves, high tides, severe weather
– Man-made: chemical spills, transportation accidents,
utilities, military base, social unrest
![Page 26: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/26.jpg)
CISSP Guide to Security Essentials 26
Secure Siting (cont.)
• Other siting factors– Building construction techniques and materials
– Building marking
– Loading and unloading areas
– Shared-tenant facilities
– Nearby neighbors
![Page 27: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/27.jpg)
CISSP Guide to Security Essentials 27
Asset Protection
• Laptop computers– Anti-theft cables
– Defensive software (firewalls, anti-virus, location
tracking, destruct-if-stolen)
– Strong authentication such as fingerprint
– Full encryption
– Training
![Page 28: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/28.jpg)
CISSP Guide to Security Essentials 28
Asset Protection (cont.)
• Servers and backup media– Keep behind locked doors
– Locking cabinets
– Video surveillance
– Off-site storage for backup media
• Secure transportation
• Secure storage
![Page 29: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/29.jpg)
CISSP Guide to Security Essentials 29
Asset Protection (cont.)
• Protection of sensitive documents– Locked rooms
– Locking, fire-resistant cabinets
![Page 30: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/30.jpg)
CISSP Guide to Security Essentials 30
Asset Protection (cont.)
• Protection (cont.)– “Clean desk” policy
• Reduced chance that a passer-by will
see and remove a document containing
sensitive information
– Secure destruction of unneeded documents
![Page 31: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/31.jpg)
CISSP Guide to Security Essentials 31
Asset Protection (cont.)
• Equipment check-in / check-out– Keep records of company owned equipment
that leaves business premises
– Improves accountability
– Recovery of assets upon termination of
employment
![Page 32: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/32.jpg)
CISSP Guide to Security Essentials 32
Asset Protection (cont.)
• Damage protection– Earthquake bracing
• Required in some locales
• Equipment racks, storage racks, cabinets
– Water detection and drainage
• Alarms
![Page 33: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/33.jpg)
CISSP Guide to Security Essentials 33
Asset Protection (cont.)
• Fire protection– Fire detection: smoke alarms, pull stations
– Fire extinguishment
• Fire sprinklers
• Inert gas systems
• Fire extinguishers
![Page 34: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/34.jpg)
CISSP Guide to Security Essentials 34
Asset Protection (cont.)
• Cabling security – on-premises– Place cabling in conduits or away
from exposed areas
![Page 35: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/35.jpg)
CISSP Guide to Security Essentials 35
Asset Protection (cont.)
• Cabling security – off-premises
(e.g. telco)– Select a different carrier
– Utilize diverse / redundant network routing
– Utilize encryption
![Page 36: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/36.jpg)
CISSP Guide to Security Essentials 36
Environmental Controls
• Heating, ventilation, and air conditioning
(HVAC)– Vital, yet relatively fragile
– Backup units (“N+1”) recommended
– Ratings
• BTU/hr
• Tonns
![Page 37: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/37.jpg)
CISSP Guide to Security Essentials 37
Environmental Controls (cont.)
• Heating, ventilation, and air conditioning
(HVAC) (cont.)– Also regulates humidity
• Should be 30% - 50%
![Page 38: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/38.jpg)
CISSP Guide to Security Essentials 38
Environmental Controls (cont.)
• Electric power
• Anomalies– Blackout. A total loss of power.
– Brownout. A prolonged reduction in voltage
below the normal minimum specification.
![Page 39: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/39.jpg)
CISSP Guide to Security Essentials 39
Environmental Controls (cont.)
• Anomalies (cont.)– Dropout. A total loss of power for
a very short period of time (milliseconds
to a few seconds).
– Inrush. The instantaneous draw of current
by a device when it is first switched on.
![Page 40: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/40.jpg)
CISSP Guide to Security Essentials 40
Environmental Controls (cont.)
• Anomalies (cont.)– Noise. Random bursts of small changes
in voltage.
– Sag. A short drop in voltage.
– Surge. A prolonged increase in voltage.
– Transient. A brief oscillation in voltage.
![Page 41: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/41.jpg)
CISSP Guide to Security Essentials 41
Environmental Controls (cont.)
• Electric power protection– Line conditioner – filters incoming power to
make it cleaner and free of most anomalies
– Uninterruptible Power Supply (UPS) – temporary
supply of electric power via battery storage
![Page 42: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/42.jpg)
CISSP Guide to Security Essentials 42
Environmental Controls (cont.)
• Electric power protection (cont.)– Electric generator – long term supply of
electric power via diesel (or other
source) powered generator
![Page 43: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/43.jpg)
CISSP Guide to Security Essentials 43
Redundant Controls
• Assured availability of critical
environmental controls– Dual electric power feeds
– Redundant generators
– Redundant UPS
– Redundant HVAC
– Redundant data communications feeds
![Page 44: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/44.jpg)
CISSP Guide to Security Essentials 44
Summary
• Site access control for personnel is usually achieved with key cards, PIN pads, biometrics, and metal keys
• A mantrap is an access control that consists of a set of two doors, one after the other, where only one door can be open at a time
![Page 45: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/45.jpg)
CISSP Guide to Security Essentials 45
Summary (cont.)
• Site security is also achieved with guards, guard dogs, access logs, fences and walls, video surveillance, alarm systems, visual notices, exterior lighting, bollards, and crash gates
![Page 46: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/46.jpg)
CISSP Guide to Security Essentials 46
Summary (cont.)
• A business should be located in an area that is reasonably free of hazards and threats
• Natural threats include floods, landslides, avalanches, earthquakes, volcanoes, tsunamis, and severe weather
![Page 47: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/47.jpg)
CISSP Guide to Security Essentials 47
Summary (cont.)
• Man-made threats include chemical spills, transportation corridors, utilities, social unrest, and nearby military bases
• Other siting issues include building construction techniques and materials, building marking, loading and unloading areas, and shared-tenancy
![Page 48: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/48.jpg)
CISSP Guide to Security Essentials 48
Summary (cont.)
• Business equipment should be physically secured to prevent theft, tampering, sabotage, and water damage
• Cabling should be protected from unauthorized access
![Page 49: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/49.jpg)
CISSP Guide to Security Essentials 49
Summary (cont.)
• Heating, Ventilation, and Air Conditioning (HVAC) systems control the temperature and humidity of air in buildings
• Electric power is protected with line conditioners, Uninterruptible Power Supplies (UPSs), and electric generators
![Page 50: Physical and Environmental Security - Olympic Collegefaculty.olympic.edu/kblackwell/docs/cmptr238/PowerPoint/... · CISSP Guide to Security Essentials Chapter 8. CISSP Guide to Security](https://reader031.vdocument.in/reader031/viewer/2022021802/5b7aedb37f8b9adb4c8b97f9/html5/thumbnails/50.jpg)
CISSP Guide to Security Essentials 50
Summary (cont.)
• Facilities that cannot tolerate downtime due to the failure of HVAC, UPS, or generators should consider redundant, or “N+1”, environmental controls