Download Physical Security Ver 3.0 - Raymond J. Harbert College of

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
page
45
page
46
page
47
page
48
page
49
page
50
page
51
page
52
page
53
page
54
page
55
page
56
page
57
page
58
page
59
page
60
page
61
page
62
page
63
page
64
page
65
page
66
page
67
page
68
page
69
page
70
page
71
page
72
page
73
page
74
page
75
page
76
page
77
page
78
page
79
page
80
page
81
page
82
page
83
page
84
page
85
page
86
page
87
page
88
page
89
Document related concepts
no text concepts found
Transcript 
Physical Security
1
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Introduction
The physical security domain provides
protection techniques for the entire facility,
from the outside perimeter to the inside
office space, including all of the information
system resources.
2
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Physical Security Definition
• The physical measures & their
associated procedures to safeguard &
protect against:
• Damage
• Loss
• Theft
• Implementing controls that discourage
attackers by convincing them that the
cost of attacking is greater than the
value received from the attack.
© Copyright 2005
(ISC)2®
All Rights Reserved.
3
Physical Security v5.0
Objectives
The CISSP should be able to:
– Describe the threats, vulnerabilities, and
countermeasures related to physically
protecting the enterprise’s sensitive
information assets.
– Identify the risk to facilities, data, media,
equipment, support systems, and
supplies as they relate to physical
security.
4
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Section Objectives
• List the goals of physical controls
• List the threats to physical security
• Describe Crime Prevention Through
Environmental Design
5
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Goals of Information
Security
• The common thread among good information security objectives is
that they address all three core security principles.
Prevents unauthorized
disclosure of systems
and information.
Prevents unauthorized
modification of systems
and information.
Availability
Prevents disruption of
service and productivity.
© Copyright 2005
(ISC)2®
All Rights Reserved.
6
6
Physical Security v5.0
Physical Security Requirements
Life Safety
Safety of people is the
primary concern.
7
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Goals of Physical Security
1.
2.
3.
4.
5.
Deter
Delay
Detect
Assess
Respond
8
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Threats to Physical Security
• Natural/Environmental (e.g., earthquakes, floods,
storms, hurricanes, fires)
• Utility Systems (e.g., communication outages,
power outages)
• Human-Made/Political Events (e.g., explosions,
vandalism, theft, terrorist attacks, riots)
9
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Natural Events
10
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Malicious Threats
Theft
Theft
• Internal/external results
in increased costs
Espionage
HVAC Access
Espionage
• Loss of intellectual
property & market share
Dumpster Diving
• Access to sensitive
corporate information
6 Key
Threats
Shoulder
Surfing
Dumpster
Diving
Social Engineering
Social Engineering
• Intelligence Attack
Shoulder Surfing
• Results in unauthorized
access
HVAC
• Access via HVAC vents
© Copyright 2005
(ISC)2®
All Rights Reserved.
11
Physical Security v5.0
Countermeasures
Theft
• IDS & Locked Doors and Keys
• Access Control
Espionage
• Employee Tracking & Job Rotation
• Strict Internal Controls
Dumpster Diving
• Layered Defense System
• Disposal Policy
12
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Countermeasures
• Employee Accountability
• Employee Security Awareness
Social Engineering
Shoulder Surfing
• Keyboard Keystroke Placement
• Awareness of your Surroundings
HVAC Access
• Narrow Shafts
• Section Lock Downs
13
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Physical Security
Subtopics
• Layered Defense Model
• Crime Prevention Through
Environmental Design
• Site Location
• Facility Construction Impacts
• Infrastructure Support Systems
14
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Layered Defense Model
Building Grounds
Building Floors/
Office Suites
Perimeter
Building Entrance
Offices/
Data Centers/
Equipment,
Supplies, Media
15
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Crime Prevention Through
Environmental Design
• The physical environment of a building is
changed or managed to produce
behavioral effects that will assist in
reducing the incidence and fear of crime.
• Focuses on the relationships between the
social behavior of people and the
environments.
16
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Crime Prevention Through
Environmental Design
Three Key Strategies
• Territoriality - people protect
territory that is their own
• Surveillance - high degree of
visual control
• Access Control - limit access
and control the flow of access
17
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Site Location
Security should include where the
building is and how it should be built.
Crime?
Riots?
Natural disasters?
Adjacent buildings?
Airport?
Highway?
Military Base?
Emergency support
systems?
18
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Facility/Construction Issues
• Walls, Windows, and Doors
• Entry Points
– Primary & secondary
entrances
– Windows
– Roof access
– Maintenance entrance
– Emergency exits
– Loading docks
19
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Doors
•
•
•
•
•
Hollow-core versus solid-core
Isolation of critical areas
Lighting of doorways
Contact Devices (switches)
Mantraps (double door systems)
20
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Door Safety
Doors
• Do not block exit doors
• Provide sufficient and
appropriate lock mechanics
• Hinges securely fixed to the
frames
• Frame securely fixed to the
adjoining wall.
21
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Windows
•
•
•
•
Standard plate glass
Tempered glass
Acrylic materials
Polycarbonate windows - glass and
polycarbonite combinations combine
the best quality of glass and acrylics
22
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Windows cont…
•
•
•
•
•
Laminated Glass
Wired Glass
Solar Window Films
Window Security Films
Glass Breakage Sensors
23
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Infrastructure Support Systems
• Infrastructure Support Systems
include electrical power,
water/plumbing, steam, gas lines,
and heating, ventilation, air
conditioning (HVAC), and
refrigeration.
24
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Support System Threats
Fire
Fire
• Damage & destruction of
facilities/equipment
HVAC
Water
5 Key
Threats
Water
• Flooding/dripping
Power Loss
• Disruption/stop in
operations
Gas Leakage
Gas
Leakage
Power
Loss
• Explosion
HVAC
• Overheating/overcooling
25
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire
Best Practices
–Fire Containment System (floors,
vents, HVAC)
–Fire Extinguishing System
(permanent & mobile)
–Abiding by the Fire Codes
–Fire Prevention Training and Drills
26
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Protection Subtopics
• Fire Prevention – reduce
causes of fire.
• Fire Detection - receive
warnings of fire before it
becomes a problem.
• Fire Suppression - how to
extinguish and contain a
fire to minimize damage.
27
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Prevention
• Use fire resistant materials for walls, doors,
furnishings, etc.
• Reduce the amount of combustible papers
around electrical equipment.
• Provide fire-prevention training to employees remember, life safety is the most important
issue.
• Conduct fire drills on all shifts so that personnel
know how to safely exit a building.
28
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Detection
• Ionization-type smoke detectors detect charged
particles in smoke.
• Optical (Photoelectric) detectors react to light
blockage caused by smoke.
• Fixed or rate-of-rise temperature sensors - heat
detectors that react to the heat of a fire.
• Combinations are usually used for the best
effectiveness in detecting a fire.
29
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Types and Suppression
Class
Type
Suppression Agents
A
Common
combustibles
Water, foam, dry chemicals
B
Liquid
Gas, CO2, foam, dry
chemicals
C
Electrical
Gas, CO2, dry chemicals
D
Combustible metals
Dry powders
K
Commercial kitchens
Wet chemicals
30
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Suppression Agents
• Carbon Dioxide (CO2) extinguishers provide a
colorless, odorless chemical that displaces
oxygen in the air.
• Halon gas - contains a white bromine powder
produced in chlorofluorocarbon compounds
(CFC)
– factor in the depletion of the ozone layer.
• FM200 most effective alternative - requires 7%
concentration (Halon requires 5%)
31
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Halon Gas
• 1987 Montreal Protocol on Substances that
Deplete the Ozone Layer.
– Began implementation in 1992
– Any new installations of fire suppression
systems must use alternate options
– EU requires removal of Halon for most
applications
32
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Fire Suppression
• Water Sprinkler Systems
– Water could be a conductor of
electricity - it may compound the
problems in computer rooms.
– Water can cause damage to
electrical equipment.
– “Pre-action” or “dry-pipe” system water is held back by a valve and
is released when the sensor
activates.
© Copyright 2005
(ISC)2®
All Rights Reserved.
33
Physical Security v5.0
Gas Threats
• Gas Leakage
– Identify Location and Test the main
Shut-Off valve
– Secure the Natural Gas Line (using
layered defenses)
– Communicate Natural Gas Line Design
to Fire Department
– Clearly mark Shut-off Valves
34
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Water Threats
• Water Detection Sensors
–Raised Floors
–Emergency Shut-off Valves
–Server room above ground level
• Water pipes not located above
server rooms
35
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power
• Disruptions in electrical power can have a
serious business impact.
• Goal is to have “clean and steady power.”
– Dedicated feeders
– Alternate power source
– Access Controls
– Secure breaker and transformer rooms.
36
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power
Countermeasures
• Power Loss
–Surge Suppressors
–UPS and UPS Testing
–Electrical Facilities separated from
Data Center
–Generators
37
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power Considerations
Electric Power Controls – ‘clean power’
– Have an Emergency Power Off (EPO) switch
that allows someone to shut down the power.
– Install a power line monitor that detects and
records fluctuations in frequency and voltage.
– Ensure there is enough backup power to
conduct an orderly shutdown to avoid data loss
or device damage.
38
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power Outages
• Complete loss of power.
– Blackout
• Prolonged loss of commercial power
– Fault
• Momentary loss of power
39
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power Degradation
• Brownout
– Intentional reduction of voltage by the utility
company for a prolonged period of time
• Sag/Dip
– A short period of low voltage
• Surge
– Sudden rise in voltage in the power supply
40
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Electrical Power Degradation, cont.
• Transients
– Line noise that is superimposed on the
supply circuit can cause a fluctuation in
power.
• Inrush Current
– The initial surge of current required when
there is an increase in power demand.
• Electrostatic Discharge
– A power surge generated by a person or
device contacting another device and
transferring a high voltage shock.
41
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Interference
• Noise – A natural occurrence that happens
when unwanted signals are generated in
circuits that are in close proximity.
Typically, this disrupts the affected circuit.
– Electromagnetic Interference (EMI)
• Caused by motors, lightning, etc.
– Radio Frequency Interference (RFI)
• Created by components of electrical system
• Caused by electric cables, fluorescent lighting,
truck ignition
42
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Heating, Ventilation and Air
Conditioning Issues
• HVAC computerized controls
– Location
– Access controls
• Appropriate maintenance of
– Temperature
– Humidity levels
– Air quality
• Independence of the data center air
conditioning system from the rest of the building.
• Documented maintenance procedures
43
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Heating, Ventilation and Air
Conditioning Practices
• HVAC
–Temperature Controls Protection
–Emergency Detection System
–Auto Shutoff Mechanisms
–Proper Maintenance
44
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Quick Quiz
• What are the goals of physical controls?
• What are examples of threats to physical
security?
• What are the three key strategies for crime
prevention through environmental design?
• What is the most important factor to
remember when implementing physical
security controls?
45
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Section Summary
• The goals of physical controls are to prevent, delay,
detect, assess, and appropriately respond to a
physical intrusion.
• Natural or environmental, utility system, and humanmade factors can all pose threats to physical security.
• The three key strategies for crime prevention through
environmental design are territoriality, surveillance,
and access control.
• The most important concept to remember when
implementing physical security controls is to ensure
the safety of people.
© Copyright 2005
(ISC)2®
All Rights Reserved.
46
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
47
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Section Objectives
• Understand the ‘layered’ approach to
physical security, from the outside
perimeter to the inside of the building
• Describe boundary protection
• List perimeter intrusion detection systems
• Describe controls used inside the building
• List the key controls for data center or
server room security
48
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Layered Defense Model
• Approaching security
through ‘layers’ of controls
• Multi-layered
• Starts with the perimeter,
then building grounds,
then building entry points,
etc.
49
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
• Perimeter security controls are the first line
of defense.
• Protective barriers can be either natural or
structural.
– Natural protective barriers offer terrains that
are difficult to cross, such as mountains,
bodies of water, deserts, etc.
– Structural barriers are devices such as
fences, gates, bollards, and facility walls.
50
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
Landscaping
• Shrubs or trees can
provide a barrier or an
entry point.
• Spiny shrubs make it
harder for an intruder to
cross the barrier.
51
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
Fences
• Are used to enclose security areas and
designate property boundaries.
• Should meet specific gauge and fabric
specifications.
• High-security areas may need a “top
guard” (barb wire at the top).
• Should meet certain height and location
provisions.
52
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
Fences
• Fences must be checked
and repaired on a regular
basis.
• Fence fabric must be
securely attached to poles.
• Be sure that vegetation or
adjacent structures cannot
provide a “bridge” over the
fence.
© Copyright 2005
(ISC)2®
All Rights Reserved.
53
Physical Security v5.0
Perimeter and Building Grounds
Boundary Protection
Gates
• The portions of a wall or
fence system that control
entrance and/or egress
by persons or vehicles
and complete the
perimeter of the defined
area.
54
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building Grounds
Boundary Protection
Bollards
• A rising post designed for
use in traffic control and
protecting property
premises.
• Provides security against
vehicles ramming into, or
stopping near buildings.
• Lighted bollards can be used for lighting
controls along parks, paths, sidewalks, etc.
55
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building Grounds
Boundary Protection
Subtopics
Perimeter Intrusion Detection Systems
• Sensors that detect access into an
area
Surveillance Devices
• Closed-Circuit Television (CCTV)
56
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building Grounds
Boundary Protection
Perimeter Intrusion Detection Systems
• Photoelectric
• Ultrasonic
• Microwave
• Passive infrared (PIR)
• Pressure-Sensitive
57
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building Grounds
Boundary Protection
Closed Circuit Television
(CCTV)
• A television transmission system
that uses cameras to transmit
pictures by a transmission
medium to connected monitors.
• The transmission media can use
wired or wireless technologies.
58
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
CCTV Levels
• Detection - the ability to detect the presence
of an object.
• Recognition - the ability to determine the
type of object.
• Identification - the ability to determine the
object details.
59
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
CCTV - 3 Main
Components
• Camera
– (e.g., Fixed or Zoom)
• Transmission Media
– (e.g., coaxial cable, fiber
optic cable, or wireless)
• Monitor
60
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
CCTV - Other Equipment
•
• Camera Tube
•
• Pan and Tilt Units
• Panning Device
•
• Mountings
• Switchers/Multiplexers
•
• Remote Camera
•
Controls
© Copyright 2005
(ISC)2®
All Rights Reserved.
Infrared Illuminators
Time/Date
Generators
Videotape or Digital
Recorders
Motion Detectors
Computer Controls
61
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
CCTV - Key Success Items
• Understand the facilities total surveillance
requirements.
• Determine the size of the area to be monitored depth, height, and width - to know what size
camera lens is needed.
• Lighting is important - different lamps and
lighting provide various levels of effectiveness.
– ‘Contrast’ between the object and background
62
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
Lighting – is the illumination of a locale, typically by
artificial means such as light fixtures or lamps.
– A consistent level of light supplying reasonably good
visibility needs to be available.
• Features:
– Good lighting is one of the most successful crime
preventive measures.
– When used properly, light discourages unlawful activity,
improves natural observation, and decreases fear.
– Typically used with other controls, such as fences,
patrols, alarm systems.
63
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Perimeter and Building
Grounds Boundary Protection
Types of Lighting
• Continuous lighting
– Glare projection
lighting
– Flood lighting
• Trip lighting
• Standby lighting
• Emergency lighting
64
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
65
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Locks
• Most accepted and used physical security
device
• Considered delay devices and not foolproof
bars to entry - they are easily defeated
• All lock types are subject to force and
special tools that can be used to gain entry
• Should be just one aspect of many physical
security controls
66
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Lock Components
• Lock Body
(Cylinder)
– Bolt
• Strike
• Key
67
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Lock Types
• Combination Locks
– Uses a sequence of numbers
in a specific order
• Deadbolt Locks
– A separate bolt not operated
by the primary door handle is
inserted into the frame of the
door for added security.
68
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Lock Types
• Keyless Locks
– Push-button (cipher) locks have buttons that
are pushed in sequence to open the locks.
• Smart Locks
– Permit only authorized people into certain
doors at certain times. An example is a
magnetic stripe card that is time-sensitive.
69
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Locks
• Lock Picking
– Picks
– Tension wrench
• Locks are “pickresistant,” not
“pickproof”
70
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Locks - Security Measures
• Lock and key control system
• Key control procedures must be
documented and followed
– Procedures for issue, sign out, inventory,
destruction, and lost keys
• Combinations must be changed at
specified times and under specified
circumstances.
© Copyright 2005
(ISC)2®
All Rights Reserved.
71
Physical Security v5.0
Building Entry Point Protection
Guard Stations
• Security forces
(guards) can provide a
deterrence to
unauthorized entry. In
some cases, may also
prevent unauthorized
entry.
72
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Building Entry Point Protection
Card Access Controls or Biometric Systems
• Smart cards, Magnetic Stripe cards,
Proximity Cards, etc.
• Fingerprint, retina scans, signature
dynamics, voice recognition, hand geometry,
etc.
73
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
74
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Inside the Building - Building Floors,
Office Suites, Offices
• Compartmentalized
Areas
• Support System
Controls
• Fire Protection
• Intrusion Detection
Systems
75
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Inside the Building - Building
Floors, Office Suites, Offices
Compartmentalized Areas
• Defines a location where sensitive
equipment is stored and where sensitive
information is processed.
• Must have a higher level of security
controls.
• To be effective, they need an appropriate
access control system.
76
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Inside the Building - Building
Floors, Office Suites, Offices
Intrusion Detection Systems
Can be installed on:
• Windows,
• Doors,
• Ceilings,
• Walls, or
• Any other entry points such as ventilation
openings or air conditioning openings.
© Copyright 2005
(ISC)2®
All Rights Reserved.
77
Physical Security v5.0
Inside the Building - Building
Floors, Office Suites, Offices
Intrusion Detection Systems
Detect a change in:
• Electrical circuits
• Light beams
• Sounds
• Vibrations
• Motion
• Capacitance due to penetration of an
electrostatic field
© Copyright 2005
(ISC)2®
All Rights Reserved.
78
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
79
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Data Center or Server Room
Security
Walls
• To the extent possible, walls should
not form part of an external building.
• Walls should extend from the floor to
the underside of the above floor slab
(slab to slab).
80
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Data Center or Server Room
Security
Access Controls
• Depending on the sensitivity of the
information, and value of the equipment,
electronic access controls may need to
be installed
– Smart Cards
– Biometric Devices
– Locks
81
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
82
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Computer Equipment
Protections
• Portable Device Security
– Involves protecting the
device, protecting the
data on the device, and
keeping the security
controls easy for the
user.
83
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Computer Equipment
Protections
• Portable device security includes items
such as:
– Locking mechanisms for docking stations
– Tracing software
– Audible motion alarm
– Encryption software
– Constant control procedures
– Inventory system
– Anti-virus software
© Copyright 2005
(ISC)2®
All Rights Reserved.
84
Physical Security v5.0
Layered Defense Model
Subtopics
• Perimeter and Building
Grounds
• Building Entry Points
• Inside the Building -- Building
Floors/Office Suites
• Data Centers or Server Room
Security
• Computer Equipment
Protection
• Object Protection
85
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Object Protection
• Objects are placed inside security
containers such as safes, vaults, or
locking file cabinets.
– Should be theft-resistant and fireresistant.
– Steel containers with a locking device.
– Create good lock combinations, change
them frequently, and monitor the
distribution.
86
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Quick Quiz
• What is closed circuit television?
• What are examples of building entry
point protection?
• What are some of the key controls for
data center or server room security?
87
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Section Summary
• Closed circuit television is a television
transmission system that uses cameras to
transmit pictures by a transmission medium
to connected monitors.
• Doors, windows, locks, guard stations, card
access controls, and biometric systems are
examples of building entry point protection.
• Walls, doors, support systems, and access
controls are some of the key controls for
data center or server room security.
88
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
89
© Copyright 2005
(ISC)2®
All Rights Reserved.
Physical Security v5.0
Related documents
SYLLABUS FOR NSF ISC SCIENCE
SYLLABUS FOR NSF ISC SCIENCE
Introduction to ASP.NET
Introduction to ASP.NET
Exercise 8.1-3 IV
Exercise 8.1-3 IV
Exercise 3.4.1
Exercise 3.4.1
Type 2 surge arresters
Type 2 surge arresters
UNDERGRADUATE STUDIES
UNDERGRADUATE STUDIES
Intelligent System Controller
Intelligent System Controller
Find the Thévenin equivalent circuit at terminals G, H - Rose
Find the Thévenin equivalent circuit at terminals G, H - Rose
Open 1XX-MM36 EN v2.00
Open 1XX-MM36 EN v2.00
Exercise 14: Power Sources and MatLab
Exercise 14: Power Sources and MatLab
Document
Document
Introduction to Statistics - Homepages | The University of Aberdeen
Introduction to Statistics - Homepages | The University of Aberdeen
Solar cell種類
Solar cell種類
Example 4.10
Example 4.10
Document
Document