Physical (Environmental) Security
The Physical (Environmental) Security domain addresses the threats, vulnerabilities and countermeasures that can be utilized to physically protect an enterprise’s resources and sensitive information. These resources include people, the facility in which they work, and the data, equipment, support systems, media, and supplies they utilize.
Physical security describes measures that are designed to deny access to unauthorized personnel (including attackers) from physically accessing a building, facility, resource, or stored information; and guidance on how to design structures to resist potentially hostile acts.
The candidate is expected to know the elements involved in choosing a secure site, its design and configuration, and the methods for securing the facility against unauthorized access, theft of equipment and information, and the environmental and safety measures needed to protect people, the facility, and its resources.
We talk about this domain in Chapter 13. The major topics for this domain include
Taking the site and facility design into consideration
Establishing perimeter security
Reviewing internal security
Establishing facilities security
Setting up equipment security
Providing for personnel privacy and safety