Bringing It All Together
After you understand the various threats to physical security and the tools and countermeasures available, consider where these controls may need to be implemented in your organization.
At the organization’s perimeter, which may include adjacent buildings or grounds, parking lots, and possibly a moat — well, that’s a stretch — physical security threats may include fire, water, vibration and movement, severe weather, sabotage and vandalism, and loss of communications or utilities.
And, of course, you were involved in the initial site selection and facility design planning when your building was built so you have no problem securing the perimeter, right? Well, for the other 99 percent of people who weren’t so fortunate and have to address physical security in a preexisting location and facility, begin by assessing which threats are most relevant — and how to mitigate associated risks. Consider recommending physical security controls at the perimeter, such as fencing, security guards, dogs, surveillance, and alarms, when applicable. If these controls already exist, ensure that they’re adequate and assessed regularly. If physical security isn’t part of your responsibility, ensure that you have a good working relationship with whoever is responsible. Know who to call in an emergency (fire, police, and utilities) and don’t be a stranger — establish working relationships with these professionals before you need their help! Recommend appropriate security technologies that support physical and environmental security controls.
Interior security deals with . . . the inside of your facility! Many of the same physical security threats that affect the perimeter also affect the interior, but often in very different ways. A fire can be a far more life-threatening emergency inside a facility than outside. Water damage may come from sources other than a flash flood, such as your own fire suppression system.
Again, under ideal circumstances, your employer’s interior designer consulted with a CISSP, but more often than not, you have some work to do in this area as well! Consider the various aspects of the facility when you recommend interior controls, including the interior walls, ceilings, floors, doors, and storage areas. And don’t forget the lighting, electrical wiring, physical cabling, ventilation systems, and pipes.
Various controls for interior security may include locks, restricted areas, security badges, biometric access controls, surveillance, intrusion detection, motion detectors, alarms, and fire detection and suppression systems.
Operations, facility and equipment security involve addressing many of the same threats as interior security and supporting many of the same security controls and countermeasures, but with a specific focus on how these threats may adversely affect your business and computer operations. Administrative controls, such as designating restricted areas, visitor policies, audit trails and access logs, and asset classification and control, are particularly important.
Prep Test
1 The three elements of the fire triangle necessary for a fire to burn include all the following except
A Fuel
B Oxygen
C Heat
D Nitrogen
2 Electrical fires are classified as what type of fire and use what extinguishing methods?
A Class B; CO2 or soda acid
B Class B; CO2 or FM-200
C Class C; CO2 or FM-200
D Class A; water or soda acid
3 A prolonged drop in voltage describes what electrical anomaly?
A Brownout
B Blackout
C Sag
D Fault
4 What type of cabling should be used below raised floors and above drop ceilings?
A CAT-5
B Plenum
C PVC
D Water-resistant
5 In order to deter casual trespassers, fencing should be a minimum height of
A 1 to 3 feet
B 3 to 4 feet
C 6 to 7 feet
D 8 feet or higher
6 Three types of intrusion detection systems (IDSs) used for physical security include photoelectric sensors, dry contact switches, and which of the following?
A Motion detectors
B Anomaly-based
C Host-based
D Network-based
7 A water sprinkler system in which no water is initially present in the pipes and which, at activation, delivers a large volume of water describes what type of system?
A Wet-pipe
B Dry-pipe
C Deluge
D Preaction
8 Portable CO2 fire extinguishers are classified as what type of extinguishing system?
A Gas-discharge systems
B Water sprinkler systems
C Deluge systems
D Preaction systems
9 Which of the following extinguishing agents fights fires by separating the elements of the fire triangle, rather than by simply removing one element?
A Water
B Soda acid
C CO2
D FM-200
10 Production of Halon has been banned for what reason?
A It is toxic at temperatures above 900°F.
B It is an ozone-depleting substance.
C It is ineffective.
D It is harmful if inhaled.
Answers
1 D. Nitrogen. The fire triangle consists of fuel, oxygen, and heat. Review “Physical Security Threats.”
2 C. Class C; CO2 or FM-200. Class B fires consist of burnable fuels and are extinguished by using CO2, soda acid, or FM-200. Class A fires consist of common combustible materials. Review “Physical Security Threats.”
3 A. Brownout. A blackout is a total loss of power, a sag is a short drop in voltage, and a fault is a momentary loss of power. Review “Physical Security Threats.”
4 B. Plenum. Cat 5 cabling can be either plenum or PVC-coated. PVC cabling releases toxic vapors when burned. Both PVC and plenum coatings are water resistant. Review “Designing a secure facility.”
5 B. 3 to 4 feet. Fencing of 1 to 3 feet might deter a toddler or a duck! 6 to 7 feet is too high to climb easily. Eight-foot-tall or higher fencing (that includes three-strand barbed wire at the top) can deter a more determined intruder. Review “Fencing.”
6 A. Motion detectors. Anomaly-based, host-based, and network-based systems are types of intrusion detection systems (IDSs) used for computer systems and networks. Review “Intrusion detection.”
7 C. Deluge. A wet-pipe system always has water present in the pipes. A dry-pipe system is similar to a deluge system but doesn’t deliver a large volume of water. A preaction system combines elements of both wet- and dry-pipe systems. Review “Suppression systems.”
8 A. Gas-discharge systems. Water sprinkler systems are fixed systems that discharge water. Deluge and preaction systems are types of water sprinkler systems. Review “Suppression systems.”
9 D. FM-200. Water fights fires by removing the heat element. Soda acid fights fires by suppressing the fuel element. CO2 fights fires by removing the oxygen element. Review “Suppression systems.”
10 B. It is an ozone-depleting substance. Halon does release toxic chemicals at temperatures above 900°F and is harmful if inhaled in concentrations greater than 10 percent, but its production wasn’t banned for these reasons. Review “Suppression systems.”