7 hours 35 minutes
Hey, guys. Welcome to another episode of the S S C P Exam Prep series.
I'm your host, Peter Simple.
This is the nine and the last lesson off the second of me.
Just a quick recap from everything we've seen in the second domain. So far, we've looked at the code of ethics, which is the required behavior for an S S C P. Practitioner.
We've looked at the C I A Triad, which is the most fundamental aspect of cybersecurity.
We've looked at security architectures and control.
We've talked about security plans and how they are detailed document specifying the security requirements of a system. And we've looked at building secure systems through secure development techniques and how secure development reduces the number of system vulnerability.
We've taken a good look at data, how to manage it, how to protect it and how to dispose of it when needed. And we've also looked at preventing the leakage of data throughout the network.
We've taken a book at different management techniques and how using the same process over and over can maintain system integrity.
We've looked at security awareness and training and how when employees are aware of security situations. It really helps everyone and makes an S S C P practitioners job a whole lot easier.
And finally, in this lesson will be looking at interior intrusion detection systems. These air specifically developed, designed to handle insider threats and different physical threats.
We'll also be looking at building security such as locks and doors, and we will be looking at fire suppression. How to control a fire inside in a data center or an organization.
Let's get started.
It is necessary to maintain different levels of secure even within the facility.
Not all employees need access to all areas of the facility, and that's why we have interior intrusion detection systems
entry warrior intrusion detection systems
prevent insider threats or people who want to hurt an organization from the inside out on it is necessary to have these simply to maintain the integrity of your organization.
Intrusion detection systems include a balanced magnetic switch,
motion activated cameras,
infrared of linear beam sensors,
passive infrared sensors,
escort and visitor control.
Let's take a look at all of these in a little bit more detail.
Balanced magnetic switches.
This uses a magnetic field or a mechanical contact to determine if an alarm signal is initiated.
So with regular Magnetics, which is like the picture on the left, the two magnets are stuck together. And if that magnetic bond is broken, for whatever reason, alarm is triggered.
Now, this could be circumvented very easily by adding your own magnet in to one of the attachments.
Um, so then you can disable the other one, and since that magnetic connection is technically not broken than no alarm will sound,
this problem has been solved by a balanced magnetic switch, otherwise known as a B. M s.
This magnetic switch uses a reed switch, so
basically a read switch. When it's open, it maintains a magnetic field
where the switch is separate. But as soon as you add a magnetic field to just rub that magnetic field, the re switch comes together on when the reeds switch comes together and touches each other. That's when the alarm is initiated.
Motion activated cameras. This is very straightforward. It's basically just a camera with video motion features. So anytime picks up any type of movement or activity, B camera turns on, and it starts to record
acoustic sensors. This is a device that uses passive listening to monitor building spaces. This is specifically designed to detect people who might stay behind after a building closes for the night so they can move around with whatever they want to do
On infrared Elin, your beam sensors. A focused infrared light beam is projected and bounced off a reflector on either side of the detection area, so this is usually situated across the hallway or a passage. So anyone who
walks across will
break be either from the transmitter to the receiver, and once that beam is broken, then in a warm will be initiated.
Passive infrared sensors. This picks up on heat signatures to detect intruders so the sensor is set at whatever the normal temperature off that room is. And if it picks up any heat signature, or if it sees a increase off temperature
from what it normally sees,
then a warm will be initiated.
These are also used as an automatic request to exit device, so the door must be locked.
But as soon as this p i R sensor picks up ah, heat signature that's greater than what it's used to see. It will unlock the door automatically
tool technology sensors. That's just a term saying that two different kinds of sensors are used to reduce the possibility off false alarms and also visitor control. Consider for consideration. Factors for
visitor control are controlled waiting room, having a badge or past visible when you walk around or having like your I D in a very noticeable spot so people can tell that you are a part of the organization and you have been
registered with the organization, so they know you were there.
Another aspect of visitor control is just being escorted around the organization by an employee.
Now that we have learned several different ways of detecting intruders, we must prevent them using physical security or security inside the building.
1st 1 LR locks, so there's two main types of locks. There are electric locks
and an electric strike, so an electric clock is your typical lot that you find in most doors. This is the one where the bolt comes out of the lock and into the door frame. You see this on just about all the home
home locks on your front door.
A electric strike is a type of lock that where the bolt does not move,
but rather there's a little part on the door frame that will open or close to allow the door to be open or shut.
So if you look at the picture on the right,
the part that moves is known as the lip or the keeper,
and once the lock is unlocked, then the wind the lip will move
and the door will open
magnetic locks. These are serviceman and magnets to hold the door closed. These are one of the best methods used
or having for applying security. Two doors that have already been built. They could just be last right onto the door, and they're very easy to install. A way to get around them is using a P I R sensor that we've looked at before. P I R Sensor detects state
You were coming. It will automatically
disengaged. The magnetic locks on the door can be opened or closed.
concept of building security is known as the anti passed back, and this is a strategy where a person must
present a credential to enter and exit Ah facility. So the organization knows that you came in and they know that you came out, so they know that you didn't song are are hiding inside the organization or the building waiting for the building to close for the night
turnstiles and man traps. These are very popular building security practices that have been used turnstiles. You see them enduring almost any sporting arena for any sporting event or any major office building
alm and then man traps where
this prevents multiple people from going through the same door at the same time. So the way a man trap works, the first door opens. A person walks in, the first door must close before the second door opens up.
It's only when the first door closes that the second door opens and then the person can walk through.
This is to prevent multiple people from going through the same door
at the same time.
It's amore types of locks. A rim lock is a lock that is mounted on the service of the door again. This you see this on just about all front doors of all homes, and another type of lock is known as a more T's lock. This is a lot that is built into the edge of the door
with this lock. The lock is embedded into the door itself,
and then the bull will come out and come back in. But there's no actual lock that, like a room locked that comes out of the door.
Dater center security. There was a lot of physical security. Considerations include with data centers and
considerations include our utilities, H vac systems, air contamination, water issues, far detection and suppression.
The biggest one is fire suppression. There are several different types of fire suppression systems.
This is the wet system, which is a constant supply for which will not shut off until the water sources shuttles. So even if the fire has been put out unless the water source has been shut off, water will continue to pour out of the spring course.
The next is the tri system. They do not have water in them, and the valve will not release until it is stimulated by access he so there is no water in the spring course above.
They are waiting for the heat valve to be triggered, and then water will come through the pipes and out of the sprinklers.
The next is the pre action system,
which incorporates a detection system. Water is held back until the detective detectors are activated. Once they are activated, the water comes pouring down.
The last type is the deluge system, which operates the same as the pre action system, except that the sprinkler heads are in the open position. So the sprinklers are open
and the water is waiting until a detector somewhere in the room has been activated. And at that point, the water will just pour out.
Order solutions are good for physical areas, but obviously not for computer equipment. We all know that water and computers
do not mix
addle. So for computer equipment,
there are gas fire suppression systems to the biggest ones are air OK, which is an air soul of microscopic potassium compounds,
and FM 200 which is a colorless slip. If I'd compressed gas, though it sits in a liquid form, and once a fire has been noticed, it comes down into a guess, which will then put out the fire.
In today's lecture, we discussed intrusion detection systems
on building security
All of these are examples of physical building security except a more T's clocks
be balanced magnetic switches
Stee man traps de magnetic locks
if you pick be than you were correct. Remember, balanced magnetic switches are considered to be an intrusion detection device rather than a piece of physical building security.
Thanks for watching guys. I really hope you learned a lot in this lesson and I'll see you next time.
ISC2 Systems Security Certified Practitioner (SSCP) Practice Assessment
The SSCP exam preparation package helps students prepare for the ISC2 SSCP certification exam. ...
(ISC)2 Certified Information Systems Security Professional 2015
(ISC)2 Certified Information Systems Security Professional 2015 is a practice exam preparing for the CISSP ...