Physical and Environmental Security. CISSP Guide to Security Essentials Chapter 8


Objectives
- Site access controls including key card access systems, biometrics, video surveillance, fences and walls, notices, and exterior lighting
- Secure siting: identifying and avoiding threats and risks associated with a building site

Objectives (cont.)
- Equipment protection from theft and damage
- Environmental controls including HVAC and backup power

Site Access Controls
- Key cards
  - Centralized access control consists of card readers, central computer, and electronic door latches
(Photo by IEI Inc.)

Site Access Controls (cont.)
- Key cards (cont.)
  - Pros: easy to use, provides an audit record, easy to change access permissions
  - Cons: can be used by others if lost
(Photo by IEI Inc.)

Biometric Access Controls
- Based upon a specific biometric measurement
- Greater confidence of claimed identity
- Fingerprint, iris scan, retina scan, hand scan, voice, facial recognition, others
(Photo by Ingersoll-Rand Corporation)

Biometric Access Controls (cont.)
- More costly than key card alone
(Photo by Ingersoll-Rand Corporation)

Metal Keys
- Pros: suitable backup when a key card system fails
- Uses in limited areas such as cabinets
- Best to use within keycard access areas

Metal Keys (cont.)
- Cons: easily copied, cannot tell who used a key to enter

Man Trap
- Double doors, where only one can be opened at a time
- Used to control personnel access
- Manually operated or automatic
- Only room for one person

Guards
- Trained personnel with a variety of duties: checking employee identification, handling visitors, checking parcels and incoming/outgoing equipment, managing deliveries, apprehending suspicious persons, calling additional security personnel or law enforcement, assisting persons as needed
- Advantages: flexible, employ judgment, mobile

Guard Dogs
- Serve as detective, preventive, and deterrent controls
- Apprehend suspects
- Detect substances

Access Logs
- Record of events
  - Personnel entrance and exit
  - Visitors
  - Vehicles
  - Packages
  - Equipment
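As an added example (not part of the original slides), the sketch below reviews a key card audit record of the kind these access logs hold. It flags use of a card after it was reported lost, and entries or exits with no matching counterpart. The log layout, card IDs, zone names and loss report are constructed for illustration.

```python
from datetime import datetime

FMT = "%Y-%m-%d %H:%M"

# Constructed sample audit records: (timestamp, card_id, zone, direction).
SAMPLE_LOG = [
    ("2024-03-04 08:01", "C100", "lobby", "in"),
    ("2024-03-04 08:05", "C200", "lobby", "in"),
    ("2024-03-04 12:10", "C100", "lobby", "out"),
    ("2024-03-04 12:40", "C100", "lobby", "in"),
    ("2024-03-04 13:15", "C200", "lobby", "in"),   # second entry, no exit between
    ("2024-03-04 17:30", "C300", "lobby", "in"),   # card was reported lost at 09:00
    ("2024-03-04 18:00", "C400", "lobby", "out"),  # exit with no entry on record
]
# Constructed loss reports: card_id -> time the holder reported the card lost.
LOST = {"C300": "2024-03-04 09:00"}


def review(log, lost):
    """Return [(timestamp, card_id, finding)] in time order."""
    lost_at = {card: datetime.strptime(t, FMT) for card, t in lost.items()}
    inside = set()      # (card, zone) pairs currently recorded as inside
    findings = []
    for ts, card, zone, direction in sorted(
            log, key=lambda rec: datetime.strptime(rec[0], FMT)):
        when = datetime.strptime(ts, FMT)
        # A lost card still opening doors means its permissions were not revoked.
        if card in lost_at and when >= lost_at[card]:
            findings.append((ts, card, "used after reported lost"))
        key = (card, zone)
        if direction == "in":
            # Two entries in a row: the card was passed to someone else, or the
            # holder left behind another person without badging out.
            if key in inside:
                findings.append((ts, card, "entry with no recorded exit"))
            inside.add(key)
        else:
            # Leaving a zone never badged into suggests following someone in.
            if key not in inside:
                findings.append((ts, card, "exit with no recorded entry"))
            inside.discard(key)
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_LOG, LOST):
        print(*finding, sep="  ")
```
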

Fences and Walls
- Effective preventive and deterrent control
- Keep unwanted persons from accessing specific areas

Height                                         Effectiveness
3-4 ft                                         Deters casual trespassers
6-7 ft                                         Too difficult to climb easily
8 ft plus 3 strands of barbed or razor wire    Deters determined trespassers

Video Surveillance
- Supplements security guards
- Provide points of view not easily achieved with guards

Video Surveillance (cont.)
- Locations
  - Entrances
  - Exits
  - Loading bays
  - Stairwells
  - Refuse collection areas

Video Surveillance (cont.)
- Camera types
  - CCTV, IP wired, IP wireless
  - Night vision
  - Fixed, pan / tilt / zoom
  - Hidden / disguised

Video Surveillance (cont.)
- Recording capabilities
  - None; motion-activated; periodic still images; continuous

Intrusion, Motion, and Alarm Systems
- Automatic detection of intruders
- Central controller and remote sensors
- Door and window sensors
- Motion sensors
- Glass break sensors

Intrusion, Motion, and Alarm Systems (cont.)
- Alarming and alerting
  - Audible alarms
  - Alert to central monitoring center or law enforcement

Visible Notices
- No Trespassing signs
- Surveillance notices
  - Sometimes required by law
- Surveillance monitors

Exterior Lighting
- Discourages intruders during nighttime hours by lighting intruders' actions so that others will call authorities
- NIST standards require 2 foot-candles of power to a height of 8 ft

Other Physical Controls
- Bollards
- Crash gates
- Prevent vehicle entry
- Retractable

Secure Siting
- Locating a business at a site that is reasonably free from hazards that could threaten ongoing operations

Secure Siting (cont.)
- Identify threats
  - Natural: flooding, landslides, earthquakes, volcanoes, waves, high tides, severe weather
  - Man-made: chemical spills, transportation accidents, utilities, military base, social unrest

Secure Siting (cont.)
- Other siting factors
  - Building construction techniques and materials
  - Building marking
  - Loading and unloading areas
  - Shared-tenant facilities
  - Nearby neighbors

Asset Protection
- Laptop computers
  - Anti-theft cables
  - Defensive software (firewalls, anti-virus, location tracking, destruct-if-stolen)
  - Strong authentication such as fingerprint
  - Full encryption
  - Training

Asset Protection (cont.)
- Servers and backup media
  - Keep behind locked doors
  - Locking cabinets
  - Video surveillance
  - Off-site storage for backup media
    - Secure transportation
    - Secure storage

Asset Protection (cont.)
- Protection of sensitive documents
  - Locked rooms
  - Locking, fire-resistant cabinets

Asset Protection (cont.)
- Protection of sensitive documents (cont.)
  - Clean desk policy
    - Reduced chance that a passer-by will see and remove a document containing sensitive information
  - Secure destruction of unneeded documents

Asset Protection (cont.)
- Equipment check-in / check-out
  - Keep records of company-owned equipment that leaves business premises
  - Improves accountability
  - Recovery of assets upon termination of employment

Asset Protection (cont.)
- Damage protection
  - Earthquake bracing
    - Required in some locales
    - Equipment racks, storage racks, cabinets
  - Water detection and drainage
    - Alarms

Asset Protection (cont.)
- Fire protection
  - Fire detection: smoke alarms, pull stations
  - Fire extinguishment
    - Fire sprinklers
    - Inert gas systems
    - Fire extinguishers

Asset Protection (cont.)
- Cabling security on-premises
  - Place cabling in conduits or away from exposed areas

Asset Protection (cont.)
- Cabling security off-premises (e.g. telco)
  - Select a different carrier
  - Utilize diverse / redundant network routing
  - Utilize encryption

Environmental Controls
- Heating, ventilation, and air conditioning (HVAC)
  - Vital, yet relatively fragile
  - Backup units ("N+1") recommended
  - Ratings
    - BTU/hr
    - Tons

Environmental Controls (cont.)
- Heating, ventilation, and air conditioning (HVAC) (cont.)
  - Also regulates humidity
    - Should be 30% - 50%

Environmental Controls (cont.)
- Electric power
  - Anomalies
    - Blackout. A total loss of power.
    - Brownout. A prolonged reduction in voltage below the normal minimum specification.

Environmental Controls (cont.)
- Anomalies (cont.)
  - Dropout. A total loss of power for a very short period of time (milliseconds to a few seconds).
  - Inrush. The instantaneous draw of current by a device when it is first switched on.

Environmental Controls (cont.)
- Anomalies (cont.)
  - Noise. Random bursts of small changes in voltage.
  - Sag. A short drop in voltage.
  - Surge. A prolonged increase in voltage.
  - Transient. A brief oscillation in voltage.
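The following added example (not from the original slides) applies the voltage anomaly definitions above to RMS voltage readings such as a UPS or PDU might log. The nominal voltage, tolerance band, total-loss threshold and the 3-second boundary between "short" and "prolonged" are assumptions; inrush (a current effect), noise and transients cannot be seen in readings this coarse and are not classified.

```python
# Added example: thresholds below are assumptions, not values from the slides.
NOMINAL = 120.0                 # assumed nominal RMS voltage
LOW, HIGH = 108.0, 132.0        # assumed tolerance band (nominal +/- 10%)
LOSS = 12.0                     # assumed: below 10% of nominal = total loss
SHORT_MAX = 3.0                 # assumed short/prolonged boundary, seconds

# (level, is_short) -> term as defined on the slides
NAMES = {
    ("loss", True): "dropout",   ("loss", False): "blackout",
    ("low", True): "sag",        ("low", False): "brownout",
    ("high", False): "surge",
    ("high", True): "short over-voltage (no slide term)",
}


def level(volts):
    """Bucket one RMS reading relative to the assumed tolerance band."""
    if volts < LOSS:
        return "loss"
    if volts < LOW:
        return "low"
    if volts > HIGH:
        return "high"
    return "ok"


def classify(samples, interval):
    """Return [(start_s, duration_s, name)] for each out-of-band run.

    samples: RMS voltage readings taken every `interval` seconds.
    """
    events, start, kind = [], None, "ok"
    # A trailing in-band sentinel closes a run that lasts to the end of the log.
    for i, volts in enumerate(list(samples) + [NOMINAL]):
        k = level(volts)
        if k != kind:
            if kind != "ok":
                dur = (i - start) * interval
                events.append(
                    (start * interval, dur, NAMES[(kind, dur <= SHORT_MAX)]))
            start, kind = i, k
    return events


# Constructed sample: one reading every 0.5 s.
SAMPLE = ([120] * 4 + [0] * 2 + [121] * 4 + [100] * 3 + [119] * 2 +
          [101] * 20 + [120] * 2 + [135] * 12 + [120] * 2 + [0] * 30)

if __name__ == "__main__":
    for start, dur, name in classify(SAMPLE, 0.5):
        print(f"t={start:5.1f}s  {dur:5.1f}s  {name}")
```

A run that is still in progress when the log ends is reported with the duration seen so far, so its label is a lower bound.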

Environmental Controls (cont.)
- Electric power protection
  - Line conditioner: filters incoming power to make it cleaner and free of most anomalies
  - Uninterruptible Power Supply (UPS): temporary supply of electric power via battery storage

Environmental Controls (cont.)
- Electric power protection (cont.)
  - Electric generator: long-term supply of electric power via diesel (or other source) powered generator

Redundant Controls
- Assured availability of critical environmental controls
  - Dual electric power feeds
  - Redundant generators
  - Redundant UPS
  - Redundant HVAC
  - Redundant data communications feeds

Summary
- Site access control for personnel is usually achieved with key cards, PIN pads, biometrics, and metal keys
- A mantrap is an access control that consists of a set of two doors, one after the other, where only one door can be open at a time

Summary (cont.)
- Site security is also achieved with guards, guard dogs, access logs, fences and walls, video surveillance, alarm systems, visual notices, exterior lighting, bollards, and crash gates

Summary (cont.)
- A business should be located in an area that is reasonably free of hazards and threats
- Natural threats include floods, landslides, avalanches, earthquakes, volcanoes, tsunamis, and severe weather

Summary (cont.)
- Man-made threats include chemical spills, transportation corridors, utilities, social unrest, and nearby military bases
- Other siting issues include building construction techniques and materials, building marking, loading and unloading areas, and shared-tenancy

Summary (cont.)
- Business equipment should be physically secured to prevent theft, tampering, sabotage, and water damage
- Cabling should be protected from unauthorized access

Summary (cont.)
- Heating, Ventilation, and Air Conditioning (HVAC) systems control the temperature and humidity of air in buildings
- Electric power is protected with line conditioners, Uninterruptible Power Supplies (UPSs), and electric generators

Summary (cont.)
- Facilities that cannot tolerate downtime due to the failure of HVAC, UPS, or generators should consider redundant, or N+1, environmental controls