Sec+ preparation #10 (physical security)

Intro
Let's jump into the next day of preparing for Sec+.
Before beginning, I just want to give credit to Master OTW at Hackers-Arise. I really enjoy how he describes concepts of various topics. A real professional.
You can purchase the Security+ SY0-701 boot camp here
Resilience and Physical Security
If a hacker can gain physical access to the site, it is game over. This part is really important.
Physical security methods:
Hardware locks
Conventional Locks
Locks are easily picked and keys are easily duplicated
Control and distribution of keys can be a problem
Pick-resistant locks
Higher cost
Harder to pick and keys not as easily duplicated
Distribution and control still a problem
Electronic Combination Lock
A keypad for a combination
Also called a cipher lock (can be on the exam)
Electronic key systems
Cards encoded with access code
Magnetic cards can be duplicated or compromised
A smart card would be a better choice
- RFID cards
Video Surveillance
Analyze your requirements
Estimate width of area to be monitored
Is there a need for zooming?
What are the weather conditions if used outside?
How do you maintain capability?
- Many buildings shut all lights off at the end of the day, so maybe you need night vision?
You need to protect the cameras so that they cannot be easily hacked. Intruders may see passwords entered on keypads through the cameras if they are easily hackable.
Fencing and walls
Bollard - prevents an attack with a moving object, such as a vehicle loaded with explosives
Fences must be a proper height
A 1.5 meter high fence will deter a casual trespasser
Secure areas use fences 2.5+ meters high
Perimeter Intrusion Detection and Assessment System (known as PIDAS fencing)
Fences must be regularly inspected
Proximity Readers
Access List
Security guard
Most efficient physical security control, but also the most expensive
Guard can enforce security policy
Can prevent Piggybacking or Tailgating attacks
Guard must be well trained
Can do patrols at random intervals
Passive monitoring
Physical access logs
Fortress mentality
Check to see everybody who comes and leaves
A good method is to have only one door through which people can come and leave
Use logging features (check when people come and go)
Ensure guards are well trained
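The reconciliation that the fortress-mentality notes call for (one door, every entry and exit logged), as an added example that is not part of the original post: it pairs badge-in and badge-out events and flags gaps such as an exit with no matching entry, which is the trace a tailgated entry leaves in the log. The log format, badge IDs and finding names are constructed for illustration.

```python
from datetime import datetime

# Constructed sample log for a single-door site: timestamp, direction, badge ID.
# The line format is an assumption for this example, not a vendor export format.
SAMPLE_LOG = """\
2024-05-01T08:01:10 IN 1001
2024-05-01T08:01:14 IN 1002
2024-05-01T12:30:02 OUT 1001
2024-05-01T12:31:40 OUT 1003
2024-05-01T13:05:55 IN 1002
2024-05-01T17:45:00 OUT 1002
2024-05-01T18:10:21 IN 1004
"""

def parse_events(text):
    """Return (events, bad_line_numbers); events are (time, direction, badge)."""
    events, bad = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts:
            continue
        try:
            stamp, direction, badge = parts      # wrong field count -> ValueError
            when = datetime.fromisoformat(stamp)  # bad timestamp -> ValueError
            if direction not in ("IN", "OUT"):
                raise ValueError(direction)
        except ValueError:
            bad.append(lineno)
            continue
        events.append((when, direction, badge))
    return sorted(events), bad

def audit_access_log(text):
    """Reconcile entries with exits; return (time, badge, finding) tuples."""
    events, bad = parse_events(text)
    inside, findings = {}, []  # inside: badge -> time of the unmatched entry
    for when, direction, badge in events:
        if direction == "IN":
            if badge in inside:  # second entry with no exit in between
                findings.append((when.isoformat(), badge, "entry_while_inside"))
            inside[badge] = when
        elif inside.pop(badge, None) is None:  # exit never preceded by an entry
            findings.append((when.isoformat(), badge, "exit_without_entry"))
    for badge, when in sorted(inside.items()):  # entered but never badged out
        findings.append((when.isoformat(), badge, "no_exit_logged"))
    findings += [(None, None, f"unparseable_line_{n}") for n in bad]
    return findings
```

Calling `audit_access_log(SAMPLE_LOG)` returns one finding for each of badges 1003, 1002 and 1004; a guard or reviewer would follow each one up against camera footage for that timestamp.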
ID Badges
Great for authenticating users
Sometimes combined with smart cards
They are very cheap and very efficient
Door Access Systems
Used to control access to sensitive areas
Can be biometric or Smart Card
Based around the Electronic Access Control (EAC)
Physical Tokens
- Type II authentication factor
Could be:
Metal Keys
Smart Card
Magnetic Card
Photo ID
Synchronous or Asynchronous tokens
Biometrics
Site selection
Select your data center location carefully
Get familiar with the building code
Investigate who your neighbors are
What is the crime rate in the area?
Talk to your insurance company
What about logistics for ambulances, firefighters and the like?
