Welcome to Cyber is video series on the Comedy of Security plus 5 +01 Certification and Exam.
I'm your Instructor, Round Warner.
In this video, we'll be talking about section 3.9 of the Security plus Exam objectives.
Explain the importance of physical security controls
when building a network and I t infrastructure. Many organizations overlook physical, security
and smaller organizations. The server switches routers. Patch panels are placed as a matter of convenience because of space restrictions.
This can cause many security issues.
Speaking from experience, the equipment ends up in the oddest of places.
Coat closets, server rooms that are old offices with opening windows to the outside,
underneath the receptionist test
in the room with the copy machine, et cetera. I'm sure you've seen similar situations because physical and environmental security were not considered as part of information technology.
In this video, I'll be talking all about the different aspects of physical security. Environmental controls,
including lighting, signs, fences, security guards, alarms, Safe's man traps. Faraday Cage is different types of locks, environmental controls, cameras, motion detection, infrared detection and key management.
The number one key to remember from this section is that human life has top priority.
It's always the most important asset when planning and managing physical and environmental safety controls.
If you ever see a question on the exam involving human life in human safety, that is normally the answer is that's top priority.
Their fundamental physical security concepts. You need to keep in mind both for the security plus exam and as you're working as a security professional,
I have on the screen an example of the Tower of London, where you can see defense and depth and layered security.
Physical security concepts includes protection using locks and barriers such as walls and fences,
deterrence guards and dogs, and lighting
delay mechanisms such as barricades. Bollards will describe what it bollard is a little later,
and the detection using motion sensors and cameras.
Often, these different capabilities cross the different concepts. For example, a guard also is used for detection.
Be familiar with these physical security concepts, used the Tower of London to drive each of them home and understand protection, detection, delay and deterrence.
Lighting is a form of crime deterrence. We might not associate it with I T. Security. Having proper lighting on access points is key.
It is important to have the correct lighting when using the various types of surveillance equipment as well.
Keep in mind lighting controls and switches should be protected, locked and in centralized areas. I've seen large organizations where they've had their equipment panels in closets, and you could turn out the lights for the entire building and never be detected.
They're different aspects of lighting you need to be familiar with. You can see them on your screen. Continuous lighting. There's an even amount of lighting over a specified area as opposed to controlled lighting. Or maybe you have a dimmer in certain areas and brighter and others, depending on the security and business needs.
Stand by lighting.
Those were like those switches that automatically come by for a motion detection configured to turn on and off at different times.
Redundant or backup lighting is available should there be a power outage
and then response Area illumination takes place when an intrusion detection system detects suspicious activities
and turns on lights within the specified area.
Another aspect of physical security you need to know is perimeter security using fences, gates, cages
varying the heights or gators and mash provide different security features
also using natural landscaping such as rose bushes. I have worked at a data center with road rose bushes around the outside, not only for beauty but really to help protect the facility.
All of this is contained in the idea of crime prevention through environmental design. C P T E D.
Crime prevention through environment design, is to find as a multidisciplinary approach to deterring criminal behavior through environment designed
C P T. T. Strategies rely upon the ability to influence offender decisions that proceed criminal attacks by affecting the build
social and administrative environment.
Many organizations you safe and locking cabinets to secure critical information
should understand the nature of Safe's. It's interesting. How they are radiated is by how long it takes for someone to be ableto break in. It's assumed that a safe will be eventually breached,
but it's rated based on time and then the pressure or heat that it would take
to get into that safe.
There's different types of safe be familiar with. There's also locking cabinets that may not provide the level of security as a safe
computer. Cable locks should be provided to folks with laptops who travel reduced that potential for theft.
Lastly, key management. I'm not talking about certificate keys, but physical keys. Who has the keys can duplicate be made?
Where are they stored? Can anyone grab a key for the offices
that's required? And it's a required, unnecessary state. It's a required, unnecessary step for security.
If you've ever gone to a security conference with a lock picking village, you'll know that this is an important concept of how locks function. There's different types. You need to be familiar with a combination lock, rather than using a key you put in the combination. Of course, there's the keying locks
cipher locks where you type in the code.
There's different types of Loch grades you might want to familiar self. Familiarize yourself with great One is the heavy duty commercial grade. Two more residential but heavy duty or light commercial Great three residential locks that usually are easily broken.
There's also different types of cylinders. You see some of the examples on your screen.
Ah, lo cylinder category. No picker drill. Reeses Sicilians provided so easily broken medium little pick resilience High Has a higher degree of pick resilience.
Learn different types of locks. Might need them not only in your own business, but within your home as well.
Many organizations deploy physical access controls for you to be able to enter the facility,
see different types of turnstiles on the screen.
They prevent piggybacking, so employees have to go in one at a time,
probably scan in a badge in order to gain access.
Be familiar with turnstiles and the key. They prevent piggy backing into the facility.
A man trap. It's another type of physical access control often utilized in data centers. Where uses a double set of doors. You cannot go through the second set of doors until the first set is closed.
Used to control the number of personnel into the facility. These man traps allow only one person through at a time.
May also have a weight sensor on the floor to detect if it looks like multiple people are going through or if a person may be carrying out equipment so they're above a standard human body weight
man traps could be manually operated or automatic. As you walk through different parts of your life, see where man traps are deployed. You'll see that they are all around us.
A physical security measure to protect electron ICS is known as a Faraday cage, and shielding
shielding is the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting information processing abilities.
A Faraday Cage or Faraday Shield is enclosure used to block electromagnetic fields, a common Faraday shield have in your home. Many offices is a microwave, believe it or not.
So if you ever need to protect electronics from the mission,
stick it in the microwave. But make sure you unplug it first.
A common type of physical security control. Tight offenses are barricades and bollards.
Bollards air those small, often concrete pillars, sometimes containing lights or flowers. Or, if you go to target, the big red ball in front of the Target store is actually a concrete bollard. They're used to stop People from driving through the wall, often be put between the building and the parking lot,
and they could be arranged to form a natural path for walking.
There are other types of personnel access controls. You should be familiar with
the issues. Different technologies to grant access to a facility.
It could be user activated using suede cards. Biometrics, physical key
or proximity device is where the system recognizes the presence of an object.
You see this going in and out of a supermarket where the doors automatically open those air proximity devices.
Key cards are common form of site access control.
They provide a centralized access, consistent card. Readers. Centralized computer and electronic door latch is often these go across the organization's computer network because these Air I P enabled devices
a benefit for card reading is that they're easy to use. Provide audit records easy to change access permissions. A deficiency is that they could be used by others
and that people may still tailgate.
Biometric access controls uses some type of A feature, such as our fingerprints, facial or iris recognition,
and it's based on a specific biometric measurement.
I talked more about biometrics and other videos.
With biometrics, you have greater confidence of the claimed identity.
The challenges They tend to be a lot more expensive and require you to initially submit your fingerprints or body measurements.
Detection is another fundamental physical security concept
to primary methods are motion detection, location monitoring and alarms based on movement and infrared detection detects changes in infrared radiation, thermal heat,
basically detecting bodies.
Each of these methods could be used part of physical intrusion detection system. As part of this section, you should also be familiar with different environmental controls such as heating, ventilation and air conditioning systems, or age back
hot and cold isles within a data center and fire suppression.
H Vac systems control the environment for organizations, and they often provide an avenue in to the organization, both physically and logically
security concepts to keep in mind associated with age back. It's having redundancy. So if your air conditioning unit goes out within your data center, there's another one, too. This way your servers don't overheat.
Also having backup power or using ups, make sure there's a consistent power to those H Vac systems. Zone based heating and cooling, which will cover next rows of servers within a data center, are known as aisles, and they could be cooled as hot aisles and cold isles with a hot I'll
hot air Outlets are used to cool the equipment,
whereas with cold isles, cold air intake is used to cool the equipment.
Combining the two. You have cold air intake from below the aisle. Hot air out take above it, providing constant circulation.
It is important that the hot air exhausting from one aisle of racks not be the intake air pulled in from the next row of racks or overheating will occur.
Air handlers must move the hot air out, whereas cold air, usually coming from beneath a raised floor, is supplied as the intake air.
Next time you walk through a data center,
look for the hot aisles and cold isles protecting computer equipment from fire and smoke. It's important consideration for physical security.
Be familiar with fire prevention, detection and suppression.
On your screen are common definitions for each.
I'll cover different types of fire suppression systems on the next slide.
They're different types of fire suppression agents in place within organizations.
Water is often used with overhead sprinkler systems. Hey, Lon and hell on substitute. Taelon is no longer used within data center because of the environmental hazards.
So often you will you see oh, to sucking the oxygen out of the data center to reduce the impact of fire soda acid, dry powders and foams are other methods
for both security plus and your own education. You should be familiar with the different fire extinguisher ratings
Taipei used for wood and paper
tight. Be flammable liquids.
Type C electrical and type D flammable metals. Be familiar with the type of fire extinguisher you may have it, your home or business.
Earlier, I talked about using water for fire suppression
on your screen or the different types of sprinkler systems.
The wet pipe, which is filled with pressurized water so it's ready to rain As soon as a fire is detected.
A dry pipe will fill with water on Lee. When activated,
day lose discharges water from all the Sprinkles, all all the sprinklers at once. When activated,
a pre action is a dry pipe that converts to a wet pipe. When alarms are activated,
foam water sprinkler uses water and fire retardant foam
and gashes. Fire suppression, like CO two, displaces the oxygen.
Video surveillance and cameras provide both physical security as well as environmental controls, their supplements for security guards and used as part of detection and potentially deterrence. They provide points of view, usually not easily achieved just with guards.
You can have multiple cameras covering the facility to provide eyes on sensitive areas, locations commonly are found it entrances and exits, loading bays on server rooms or networking closets
even in refuse collection areas. Your garbage cans make sure no one is dumpster diving.
Walk around your facility and see where all the video cameras. Maybe you might be surprised at the number and use CCTV closed. Caption. Television is a type of video surveillance. There's also DTV digital TV digital surveillance.
When you're enabling this at your organization, consider the following. First of all, what's the purpose
to detect, assassin or identify intruders? The environment will be internal or external or both.
Field of view. The area to be monitored. You want to make sure there are no dead spots where someone could hide where there's no camera illumination. Talked about lighting a lot earlier. You use natural or artificial lighting. Make sure there is enough light to catch someone in the act if they're performing something they shouldn't be doing,
lastly, integrating it with other types of security controls.
This concludes the topic area about physical security.
Let's review with a sample exam question
question. Which of the following is an intermediate access mechanism used in a high security installation that requires visual inspection and authentication gain access.
The answer is D A man trap. The other answers don't fit the definition for a man trap.
This concludes the video for section 3.9 of Security plus
Explain the importance of physical security controls.
Refer to your study material for more information on this topic.