Topic 1: Access Control
Physical security is accomplished through proper facility construction, fire and water
protection, anti-theft mechanisms, intrusion detection systems, and security procedures
that are adhered to and enforced. Which of the following is not a component that achieves
this type of security?
A. Administrative control mechanisms
B. Integrity control mechanisms
C. Technical control mechanisms
D. Physical control mechanisms
Integrity control mechanisms
Integrity control mechanisms are not part of physical security. All of the
other distractors were correct; this one was the wrong one that does not belong to physical
security. Below you have more details extracted from the SearchSecurity web site:
Information security depends on the security and management of the physical space in
which computer systems operate. Domain 9 of the CISSP exam's Common Body of
Knowledge addresses the challenges of securing the physical space, its systems and the
people who work within it by use of administrative, technical and physical controls. The
following topics are covered:
Facilities management: The administrative processes that govern the maintenance and
protection of the physical operations space, from site selection through emergency
response.
Risks, issues and protection strategies: Risk identification and the selection of security
protection components.
Perimeter security: Typical physical protection controls.
Facilities management
Facilities management is a complex component of corporate security that ranges from the planning of a secure physical site to the management of the physical information system
environment. Facilities management responsibilities include site selection and physical
security planning (i.e. facility construction, design and layout, fire and water damage
protection, antitheft mechanisms, intrusion detection and security procedures.) Protections
must extend to both people and assets. The necessary level of protection depends on the
value of the assets and data. CISSP® candidates must learn the concept of critical-path
analysis as a means of determining a component's business function criticality relative to
the cost of operation and replacement. Furthermore, students need to gain an
understanding of the optimal location and physical attributes of a secure facility. Among the
topics covered in this domain are site inspection, location, accessibility and
obscurity, considering the area crime rate, and the likelihood of natural hazards such as
floods or earthquakes.
This domain also covers the quality of construction material, such as its protective qualities
and load capabilities, as well as how to lay out the structure to minimize risk of forcible
entry and accidental damage. Regulatory compliance is also touched on, as is preferred
proximity to civil protection services, such as fire and police stations. Attention is given to
computer and equipment rooms, including their location, configuration (entrance/egress
requirements) and their proximity to wiring distribution centers at the site.
Physical risks, issues and protection strategies
An overview of physical security risks includes risk of theft, service interruption, physical
damage, compromised system integrity and unauthorized disclosure of information.
Interruptions to business can manifest due to loss of power, services, telecommunications
connectivity and water supply. These can also seriously compromise electronic security
monitoring alarm/response devices. Backup options are also covered in this domain, as is
a strategy for quantifying the risk exposure by simple formula.
Investment in preventive security can be costly. Appropriate redundancy of people skills,
systems and infrastructure must be based on the criticality of the data and assets to be
preserved. Therefore a strategy is presented that helps determine the selection of
cost-appropriate controls. Among the topics covered in this domain are regulatory
and legal requirements, common standard security protections such as locks and fences,
and the importance of establishing service level agreements for maintenance and disaster
support. Rounding out the optimization approach are simple calculations for determining
mean time between failure and mean time to repair (used to estimate average equipment
life expectancy) — essential for estimating the cost/benefit of purchasing and maintaining
redundant equipment.
As the lifeblood of computer systems, special attention is placed on adequacy, quality and protection of power supplies. CISSP candidates need to understand power supply
concepts and terminology, including those for quality (i.e. transient noise vs. clean power);
types of interference (EMI and RFI); and types of interruptions such as power excess by
spikes and surges, power loss by fault or blackout, and power degradation from sags and
brownouts. A simple formula is presented for determining the total cost per hour for backup
power. Proving power reliability through testing is recommended and the advantages of
three power protection approaches are discussed (standby UPS, power line conditioners
and backup sources) including minimum requirements for primary and alternate power
provided.
Environmental controls are explored in this domain, including the value of positive pressure
water drains and climate monitoring devices used to control temperature, humidity and
reduce static electricity. Optimal temperatures and humidity settings are provided.
Recommendations include strict procedures during emergencies, preventing typical risks
(such as blocked fans), and the use of antistatic armbands and hygrometers. Positive
pressurization for proper ventilation and monitoring for airborne contaminants is stressed.
The pros and cons of several detection response systems are deeply explored in this
domain. The concept of combustion, the classes of fire and fire extinguisher ratings are
detailed. Mechanisms behind smoke-activated, heat-activated and flame-activated devices
and Automatic Dial-up alarms are covered, along with their advantages, costs and shortcomings. Types of fire sources are distinguished and the effectiveness of fire
suppression methods for each is included. For instance, Halon and its approved
replacements are covered, as are the advantages and the inherent risks to equipment of
the use of water sprinklers.
Administrative controls
The physical security domain also deals with administrative controls applied to physical
sites and assets. The need for skilled personnel, knowledge sharing between them,
separation of duties, and appropriate oversight in the care and maintenance of equipment
and environments is stressed. A list of management duties including hiring checks,
employee maintenance activities and recommended termination procedures is offered.
Emergency measures include accountability for evacuation and system shutdown
procedures, integration with disaster and business continuity plans, assuring documented
procedures are easily available during different types of emergencies, the scheduling of
periodic equipment testing, administrative reviews of documentation, procedures and
recovery plans, responsibilities delegation, and personnel training and drills.
Perimeter security
Domain nine also covers the devices and techniques used to control access to a space. These include access control devices, surveillance monitoring, intrusion detection and
corrective actions. Specifications are provided for optimal external boundary protection,
including fence heights and placement, and lighting placement and types. Selection of door
types and lock characteristics are covered. Surveillance methods and intrusion-detection
methods are explained, including the use of video monitoring, guards, dogs, proximity
detection systems, photoelectric/photometric systems, wave pattern devices, passive
infrared systems, and sound and motion detectors, and current flow sensitivity devices that
specifically address computer theft. Room lock types, both preset and cipher locks (and
their variations), device locks, such as portable laptop locks, lockable server bays, switch
control locks and slot locks, port controls, peripheral switch controls and cable trap locks
are also covered. Personal access control methods used to identify authorized users for
site entry are covered at length, noting social engineering risks such as piggybacking.
Wireless proximity devices, both user access and system sensing readers are covered (i.e.
transponder based, passive devices and field powered devices) in this domain.
Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2001, Page 280.
Which of the following is addressed by Kerberos?
A. Confidentiality and Integrity
B. Authentication and Availability
C. Validation and Integrity
D. Auditability and Integrity
Confidentiality and Integrity
Kerberos addresses the confidentiality and integrity of information.
It also primarily addresses authentication, but it does not directly address availability.
Reference(s) used for this question:
KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten
Domains of Computer Security, 2001, John Wiley & Sons, Page 42.
and
https://www.ietf.org/rfc/rfc4120.txt
and
http://learn-networking.com/network-security/how-kerberos-authentication-works
A confidential number used as an authentication factor to verify a user's identity is called a:
A. PIN
B. User ID
C. Password
D. Challenge
PIN
PIN stands for Personal Identification Number; as the name states, it is a
combination of numbers.
The following answers are incorrect:
User ID. This is incorrect because a user ID is not required to be a number, and a user ID is
only used to establish identity, not verify it.
Password. This is incorrect because a password is not required to be a number; it could be
any combination of characters.
Challenge. This is incorrect because a challenge is not defined as a number; it could be
anything.
How should a doorway of a manned facility with automatic locks be configured?
A. It should be configured to be fail-secure.
B. It should be configured to be fail-safe
C. It should have a door delay cipher lock.
D. It should not allow piggybacking
It should be configured to be fail-safe
Access controls are meant to protect facilities and computers as well as
people.
In some situations, the objectives of physical access controls and the protection of people's
lives may come into conflict. In these situations, a person's life always takes precedence.
Many physical security controls make entry into and out of a facility hard, if not impossible.
However, special consideration needs to be taken when this could affect lives. In an
information processing facility, different types of locks can be used and piggybacking
should be prevented, but the issue here with automatic locks is that they can either be
configured as fail-safe or fail-secure.
Since there should only be one access door to an information processing facility, the
automatic lock to the only door to a man-operated room must be configured to allow people
out in case of emergency, hence to be fail-safe (sometimes called fail-open), meaning that
upon fire alarm activation or electric power failure, the locking device unlocks. This is
because the solenoid that maintains power to the lock to keep it in a locked state fails and
thus opens or unlocks the electronic lock.
Fail Secure works just the other way. The lock device is in a locked or secure state with no
power applied. Upon authorized entry, a solenoid Fail Secure lock, loss of power or fire alarm activation causes the lock to remain in a secure
mode.
Reference(s) used for this question:
Harris, Shon (2012-10-18). CISSP All-in-One Exam Guide, 6th Edition (p. 451). McGraw-
Hill. Kindle Edition.
and
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 20249-20251). Auerbach Publications. Kindle
Edition.
A potential problem related to the physical installation of the Iris Scanner in regards to the
usage of the iris pattern within a biometric system is:
A. concern that the laser beam may cause eye damage
B. the iris pattern changes as a person grows older.
C. there is a relatively high rate of false accepts.
D. the optical unit must be positioned so that the sun does not shine into the aperture
the optical unit must be positioned so that the sun does not shine into the aperture
Because the optical unit utilizes a camera and infrared light to create the
images, sunlight can impact the aperture, so it must not be positioned in direct light of any
type. Because the subject does not need to have direct contact with the optical reader,
direct light can impact the reader.
Iris recognition is a form of biometrics that is based on the uniqueness of a subject's iris.
A camera-like device records the patterns of the iris, creating what is known as Iriscode.
It is the unique patterns of the iris that allow it to be one of the most accurate forms of
biometric identification of an individual. Unlike other types of biometrics, the iris rarely
changes over time. Fingerprints can change over time due to scarring and manual labor,
voice patterns can change due to a variety of causes, and hand geometry can also change.
But barring surgery or an accident it is not usual for an iris to change. The subject has
a high-resolution image taken of their iris and this is then converted to Iriscode. The
current standard for the Iriscode was developed by John Daugman. When the subject
attempts to be authenticated, an infrared light is used to capture the iris image and this
image is then compared to the Iriscode. If there is a match, the subject's identity is
confirmed. The subject does not need to have direct contact with the optical reader, so it is
a less invasive means of authentication than retinal scanning would be.
Reference(s) used for this question:
AIO, 3rd edition, Access Control, p 134.
AIO, 4th edition, Access Control, p 182.
Wikipedia - http://en.wikipedia.org/wiki/Iris_recognition
The following answers are incorrect:
concern that the laser beam may cause eye damage. The optical readers do not use lasers, so concern that the laser beam may cause eye damage is not an issue.
the iris pattern changes as a person grows older. The question asked about the physical
installation of the scanner, so this was not the best answer. If the question had
been about long-term problems then it could have been the best choice. Recent research
has shown that irises actually do change over time: http://www.nature.com/news/ageingeyes-hinder-biometric-scans-1.10722
there is a relatively high rate of false accepts. Since the advent of the Iriscode there is a
very low rate of false accepts; in fact the algorithm used has never had a false match. This
all depends on the quality of the equipment used, but iris patterns are unique even when
comparing identical twins.
For maximum security design, what type of fence is the most effective and cost-effective
method (feet are used as the measurement unit below)?
A. 3' to 4' high
B. 6' to 7' high
C. 8' high and above with strands of barbed wire
D. Double fencing
Double fencing
The most commonly used fence is the chain-link fence and it is the most
affordable. The standard is a six-foot high fence with two-inch mesh square openings. The
material should consist of nine-gauge vinyl or galvanized metal. Nine-gauge is a typical
fence material installed in residential areas.
Additionally, it is recommended to place barbed wire strands angled out from the top of the
fence at a 45° angle and away from the protected area with three strands running across
the top. This will provide for a seven-foot fence. There are several variations of the use of
“top guards” using V-shaped barbed wire or the use of concertina wire as an enhancement,
which has been a replacement for more traditional three strand barbed wire “top guards.”
The fence should be fastened to rigid metal posts set in concrete every six feet with
additional bracing at the corners and gate openings. The bottom of the fence should be
stabilized against intruders crawling under by attaching posts along the bottom to keep the fence from being pushed or pulled up from the bottom. If the soil is sandy, the bottom edge
of the fence should be installed below ground level.
For maximum security design, the use of double fencing with rolls of concertina wire
positioned between the two fences is the most effective deterrent and cost-efficient
method. In this design, an intruder is required to use an extensive array of ladders and
equipment to breach the fences.
Most fencing is largely a psychological deterrent and a boundary marker rather than a
barrier, because in most cases such fences can be rather easily penetrated unless added
security measures are taken to enhance the security of the fence. Sensors attached to the
fence to provide electronic monitoring of cutting or scaling the fence can be used.
Reference(s) used for this question:
Hernandez CISSP, Steven (2012-12-21). Official (ISC)2 Guide to the CISSP CBK, Third
Edition ((ISC)2 Press) (Kindle Locations 24416-24431). Auerbach Publications. Kindle
Edition.
The "vulnerability of a facility" to damage or attack may be assessed by all of the following
except:
A. Inspection
B. History of losses
C. Security controls
D. security budget
security budget
Source: The CISSP Examination Textbook- Volume 2: Practice by S. Rao Vallabhaneni
Which integrity model defines a constrained data item, an integrity verification procedure
and a transformation procedure?
A. The Take-Grant model
B. The Biba integrity model
C. The Clark Wilson integrity model
D. The Bell-LaPadula integrity model
The Clark Wilson integrity model
The Clark Wilson integrity model addresses the three following integrity
goals: 1) data is protected from modification by unauthorized users; 2) data is protected
from unauthorized modification by authorized users; and 3) data is internally and externally
consistent. It also defines a Constrained Data Item (CDI), an Integrity Verification
Procedure (IVP), a Transformation Procedure (TP) and an Unconstrained Data item. The
Bell-LaPadula and Take-Grant models are not integrity models.
Source: KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the
Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 5: Security
Architecture and Models (page 205).
Which of the following Kerberos components holds all users' and services' cryptographic
keys?
A. The Key Distribution Service
B. The Authentication Service
C. The Key Distribution Center
D. The Key Granting Service
The Key Distribution Center
The Key Distribution Center (KDC) holds all users' and services'
cryptographic keys. It provides authentication services, as well as key distribution
functionality. The Authentication Service is the part of the KDC that authenticates a
principal. The Key Distribution Service and Key Granting Service are distracters and are
not defined Kerberos components.
Source: WALLHOFF, John, CISSP Summary 2002, April 2002, CBK#1 Access Control
System & Methodology (page 3)
Controls to keep password sniffing attacks from compromising computer systems include
which of the following?
A. static and recurring passwords.
B. encryption and recurring passwords.
C. one-time passwords and encryption.
D. static and one-time passwords
one-time passwords and encryption.
To minimize the chance of passwords being captured, one-time passwords
would prevent a password sniffing attack because once a password is used it is no longer valid.
Encryption will also minimize these types of attacks.
The following answers are incorrect:
static and recurring passwords. This is incorrect because if there is no encryption then
someone password sniffing would be able to capture the password much easier if it never
changed.
encryption and recurring passwords. This is incorrect because while encryption helps,
recurring passwords do nothing to minimize the risk of passwords being captured.
static and one-time passwords. This is incorrect because while one-time passwords will
prevent these types of attacks, static passwords do nothing to minimize the risk of
passwords being captured.