DOMAIN 10 – PHYSICAL SECURITY
Physical security mechanisms include site design and layout,
environmental components, emergency response readiness, training,
access control, intrusion detection, power and fire protection.
“The value of items to be protected can be determined by a critical path
analysis”. The critical path analysis lists all pieces of an environment and
how they interact. The CPA should include power, data, water and sewer
lines, A/C, generators and storm drains.
“The physical security domain addresses the threats, vulnerabilities and
countermeasures that can be utilized to physically protect an enterprise’s
resources and sensitive information”. These include personnel, facilities,
data, equipment, support systems and media.
There are seven major causes of physical loss:
1. Temperature: Sunlight, fire, freezing, heat.
2. Gases: War gases, vapors, humidity, dry air, smoke, smog.
3. Liquids: Water and chemicals.
4. Organisms: People, animals, viruses, bacteria.
5. Projectiles: Meteors, cars and trucks, bullets, tornados.
6. Movement: Collapse, shearing, shaking, earthquakes.
7. Energy Anomalies: Surges or power failures, static, radiation, magnets.
Some common physical controls are:
Administrative:
• Facility selection or construction
• Facility management
• Personnel controls
• Training
• Emergency response and procedures
Technical:
• Access controls
• Intrusion detection
• Alarms
• CCTV
• HVAC
• Power supply
• Fire detection
Physical:
• Fencing
• Locks
• Lighting
• Facility construction
“Load”: How much weight can be held by a building’s walls, floors and ceiling.
Raised floors need to be electrically grounded.
A/C should have positive air pressure: pushes smoke out.
Water should have positive flow: flows out of the building, not in.
MTBF : Mean time between failure.
MTTR: Mean time to repair.
Power Supply:
There are three main methods of protecting against power problems: UPS,
power line conditioners and backup sources.
Definitions:
Ground : Pathway to earth to enable excess voltage to dissipate.
Noise : Electromagnetic or frequency interference that disrupts
power flow and can cause fluctuations.
Transient Noise : Short duration of power line disruption.
Clean Power : Power that does not fluctuate.
EMI is created by the difference between three wires: hot, neutral and
ground.
RFI is created by components of an electrical system, for example
electrical cables and fluorescent lighting.
Power Excess:
Spike: Momentary high voltage.
Surge: Prolonged high voltage.
Power Loss:
Fault: Momentary power out.
Blackout: Prolonged loss of power.
Power Degradation:
Sag: Momentary low voltage.
Brownout: Prolonged supply below normal voltage.
EMI is the difference between the charges in the hot, neutral and ground
wires:
Common Noise: Noise from radiation generated by the difference in
hot and ground.
Traverse-mode Noise: Noise from radiation generated by the
difference between hot and neutral wires.
RFI is generated by components of electrical systems.
Environmental Issues:

Water, steam and gas must have proper shutoff valves.
High Humidity : Corrosion.
Low Humidity : Static.
The ideal level of humidity is between 45% and 60%. A hygrometer
measures humidity.
Ideal temperature for computing devices is 70 to 74%.
Fire Prevention, Detection and Suppression:
Fire detectors can be activated by:
Smoke: Photoelectric device detects a change in electric current when
there is a variation in the light intensity.
Heat: Rate-of-rise temperature sensors and fixed temperature
sensors. Fixed temperature sensors have fewer false positives.
Flame: Senses pulsation of flames or infrared energy associated with
flames and combustion.
Combustion Particles:
Detectors should be on and above suspended ceilings – smoke usually
gathers there first.
Detectors should be installed below raised floors because there are many
types of wire that could start an electrical fire.
Detectors should be located in enclosures and air ducts.
Fire Suppression:
There are four main types of fire:
A: Common combustibles such as wood, paper, laminates. Best fought
with water or soda acid.
B: Liquid fires such as petroleum products and coolants. Best fought with
Gas (Halon), CO2, Soda Acid.
C: Electrical equipment and wires. Best fought with Gas (Halon) or CO2.
D: Combustible metals. Best fought with Dry Powder.
A fire needs heat, fuel and oxygen to burn. The different fire suppression
methods do the following:
CO2 & Soda Acid: Remove fuel and oxygen from the fire.
Water: Lowers temperature.
Halon (or substitute): Interferes with chemical reaction between elements.
Halon is no longer legal due to environmental issues. Some replacements
are:
• FM200
• NAF-S-III
• FE-13
• Inergen
• Argon
• Argonite
Halon 1211 does not require the sophisticated pressurization system
needed by Halon 1301 and tends to be used in self-pressurized portable
extinguishers.
Water Sprinklers
“Sensors should be in place to shut down electrical power before water
sprinklers activate”
Wet Pipe: Water in pipe. At a preset temperature (165), a link melts
to release the water. Water can freeze in the pipes in colder climates.
Dry Pipe: Water is held back by a valve until a specific temperature
is reached, then a time delay occurs before the water is released.
This can give time for shutdown in a false alarm, but the response is
not as fast as wet pipe. Best in colder climates because water cannot
freeze in the pipes.
Preaction: Combination of wet and dry pipe. Water is not held in the
pipes – it is released into the pipes when a specific temperature is
reached. The water is not then released right away – a link in the
pipes has to melt to release the water. This type is the one
most recommended for a computer room.
Deluge: Same as dry pipe, except sprinkler heads are open. Large
volume of water releases in a short period of time. Not recommended
for electrical equipment.
HVACR: Heating, Ventilation, Air Conditioning, Refrigeration.
Administrative Controls
Emergency Response and procedures:
• Evacuation procedures
• System shutdown
• Training and drills
• Integrate with disaster recovery plans
• Documented procedures for different types of emergencies
• Periodic equipment tests
Perimeter Security:
The first line of defense is perimeter security. Preventing access to the
facility deals with access control, surveillance, monitoring, intrusion
detection and corrective actions.
Preset locks: Usually used on doors. Latches and deadbolts.
Cipher Locks: Keypads, combination entry, swipe cards or both.
Options on Cipher locks can include:
• Door delay – alarm will trigger if door is open for too long.
• Key Override – specific combination programmed for emergencies.
• Master Keying – enables supervisory personnel to change access codes
  and other features.
• Hostage Alarm – special code that does not ring alarm locally,
  but at the monitoring site (police station or alarm company).
Device Locks: Locks for specific devices such as cable locks for laptops,
disk drive locks, switch control, slot locks, port controls and cable traps.
Personnel Access Controls:
A common problem is “piggybacking”.
Magnetic Cards: Can be just a strip containing information, or “smart”
cards requiring a PIN number.
Wireless Proximity readers:
User activated: Card transmits values to the reader.
System Sensing: Three main types of system sensing cards:
• Transponders – Card and reader both have a receiver,
  transmitter and battery.
• Passive Devices – Card uses power from the reader.
• Field-Powered Devices – Card and reader contain a
  transmitter. Card has its own power supply.
External Boundary Protection:
Fencing:
3 to 4 feet: Deters casual trespassers.
6 to 7 feet: Too high to climb easily.
8 ft + barbed wire: Deters more determined intruders.
Lighting: Critical access should be illuminated 8 feet high and 2 feet out.
Surveillance: There are three main categories of surveillance:
1. Patrol force and guards – costly, unreliable but provide
judgement.
2. Dogs
3. Visual recording devices – CCTV.
Issues with guards are availability, reliability, training and cost.
Surveillance techniques are used to watch for unusual behaviours,
whereas detecting devices are used to sense changes that take place in an
environment. Monitoring live events is preventative, recording events is
detective.