PHYSICAL SECURITY

profileraj9999
ch10.pptx

Chapter 10 Physical Security Requirements

Apply Secure Principles to Site and Facility Design

Secure Facility Plan

Site Selection

Visibility

Natural Disasters

Facility Design

overview

Secure Facility Plan

Critical path analysis

Security for basic requirements

Technology convergence

Include security staff in design considerations

Site Selection

Cost

Location

Size

Security requirements

Pre-existing structure or custom construction

Proximity to others

Weather conditions

Visibility

Surrounding terrain

Vehicle and foot traffic

Residential, business, or industrial area

Line of sight

Crime rate

Emergency services

Unique local hazards

Natural Disasters

Common local natural disasters

Severe weather patterns

Protection for workers and assets

Facility Design

Based on level of security needs

Combustibility, fire rating

Construction materials

Load rating

Intrusion, emergency access, resistance to entry

Security architecture

Crime Prevention through Environmental Design (CPTED)

Implement Site and Facility Security Controls

Design concepts

Equipment failure

Wiring closets

Cable plant management policy

Server rooms/data centers

Media storage facilities

Evidence storage

Restricted and work area security

Utilities and HVAC considerations

Water issues

Fire prevention, detection, and suppression

overview

Design Concepts

Administrative physical security controls

Technical physical security controls

Physical controls for physical security

Corporate vs. personal property

Deterrence

Denial

Detection

Delay

Equipment Failure

Failure is inevitible

Purchase replacement parts as needed

Onsite replacement warehousing

SLA with vendors

MTTF

MTTR

MTBF

Wiring Closets

Premises wire distribution room

Intermediate distribution facilities (IDF)

Prevent physical unauthorized access

Do not use as general storage

Do not store flammable materials

Use video surveillance

Perform regular physical inspections

Cable Plant Management Policy

Entrance facility

Equipment room

Backbone distribution system

Telecommunications room

Horizontal distribution system

Server Rooms/Data Centers

Need not be human compatible

Locate in core of building

One hour minimum fire rating for walls

Physical access control:

Smartcards, proximity readers, IDS

Access abuses:

Masquerade, piggyback

Emanation security

Faraday cages, white noise, and control zones

Media Storage Facilities

Store blank, reusable, and installation media

Data remnants

Use a locked cabinet

Have a librarian or custodian

Check-in/check-out process

Sanitization, zeroization

Evidence Storage

Becoming important business task

Drive images and virtual machine snapshots

Distinct from production

Block Internet access

Track all activities

Calculate hashes of all files

Limit access

Encrypt stored data

Restricted and Work Area Security

Operations centers

Distinct and controlled area access

Walls or partitions

Shoulder surfing

Assign classifications

Track assets with RFID

Sensitive Compartmented Information Facility (SCIF)

Utilities and HVAC Considerations

UPSes

Double conversion UPS

Line-interactive UPS

Surge protectors

Generators

Fault, blackout, sag, brownout, spike, surge, inrush, noise, transient, clean, ground

EMI vs. RFI

Temperature, humidity, static

Water Issues

Leakage

Flooding

Electrocution

Water detection circuits

Shutoff values

Drainage locations

Fire Prevention, Detection, and Suppression 1/3

Fire triangle: fire, heat, oxygen, combustion

Stages: Incipient, smoke, flame, heat

Fire Prevention, Detection, and Suppression 2/3

Fire extinguisher classes:

Class Type Suppression Material
A Common combustibles Water, soda acid
B Liquids CO2, halon*, soda acid
C Electrical CO2, halon*
D Metal Dry powder

Fire Prevention, Detection, and Suppression 3/3

Fire detection systems:

Fixed temperature, rate-of-rise, flame-actuated, smoke-actuated

Water suppression

Wet pipe, dry pipe, pre-action, deluge

Gas suppression

CO2, Halon, FM-200, alternatives

Damage

Smoke, heat, suppression media

Implement and Manage Physical Security

Perimeter Security Controls

Internal Security Controls

overview

Perimeter Security Controls

Fences

Gates

Turnstiles

Mantraps

Lighting

Security guards and dogs

Internal Security Controls 1/2

Keys and combination locks

Electronic access control (EAC) locks

Badges

Motion detectors

Infrared, heat, wave pattern, capacitance, photoelectric, passive audio

Intrusion alarms

Deterrent alarms, repellant alarms, notification alarms

Local alarm, central station, auxiliary station

Internal Security Controls 2/2

Secondary verification mechanisms

Environment and life safety

Privacy responsibilities and legal requirements

Regulatory requirements

Conclusion

Read the Exam Essentials

Review the Chapter

Perform the Written Labs

Answer the Review Questions