
CISSP Essentials:

Mastering the Common Body of Knowledge

Class 9:
Physical security

Lecturer Shon Harris, CISSP, MCSE


President, Logical Security

CISSP Essentials Library:


www.searchsecurity.com/CISSPessentials
Class 9 Quiz:
www.searchsecurity.com/Class9quiz
Class 9 Spotlight:
www.searchsecurity.com/Class9spotlight

Physical security objectives


First line of defense
Facility location and construction
Physical security risks, threats and countermeasures
Electrical issues and countermeasures
Perimeter protection mechanisms
Physical intrusion detection
Fire prevention, detection and suppression

Physical security - Threats


A full threat analysis should be conducted

Understanding the common threats to any facility


Identifying threats that apply specifically to a certain company
This analysis helps ensure that proper countermeasures are implemented

Vulnerabilities and threats that need to be identified

Physical damage
Theft of assets
Interruption of services
Unauthorized disclosure of information
Natural disasters
Fires
Vandalism
Terrorism
Environmental issues

Facility site selection


Location considerations

Natural disasters

Different areas are prone to certain types of disasters

Local crime

Cheaper land prices, but more money will be spent on protecting company assets

Access highways and airports

Is this necessary for the company?

Customer access

Will customers be entering the facility?

Joint tenants

Types of companies in the area

Proximity to emergency services

Hospital, fire station, police station

Visibility

Should the facility stand out and attract attention?


What type of signs and markings should be on the building?

Facility construction
Construction issues

What will the facility be used for?

Storage, office space, industrial plant

Building codes are different for different uses of facilities

Are there emanation security threats?

May require walls and ceilings to be reinforced with material that controls electrical radiation

Level of fire resistance

A light frame will be destroyed by fire in approximately 30 minutes

Fire resistant material has a type of insulation that provides protection

Use of heavy timber requires the minimum thickness of the structure to be 4 inches

Steel or mineral wool is sprayed onto structural elements

Data center location

Located in core of facility for protection from exterior threats

Not in the basement or top floors

Controlling access
Restricting access to sensitive areas
Security professional must first assess the company's workflow processes

Who needs to have access to this area?


How often do they need access?
What level of protection do sensitive assets require?
Proper type of access control for this environment
Necessary alerts and logging of activities
Fire codes require what type of designated fire route?

Access also needs to be restricted for

Electrical power service and HVAC


Telephone and data lines
Surveillance and monitoring devices

Entrance protection
Turnstiles
Revolving doors
Can be activated to lock and not allow unauthorized individuals to enter or leave a facility

Mantraps

Individual must be authenticated to enter the mantrap
Then they must be authenticated again to exit the mantrap and gain access to the internal work area

Some use biometric devices to weigh individuals


Provides further protection against piggybacking

Fail-safe

Door defaults to being unlocked


Dictated by fire codes

Fail-secure

Door defaults to being locked

Perimeter protection - Fencing


Fencing

Heights provide degrees of protection

3-4 ft: Deters casual trespassers
6-7 ft: Too high to climb easily
8 ft with three strands of barbed wire: Deters determined intruder (9 feet in height including the barbed wire)

Critical areas should have at least 8-foot fences


Powered fencing

Sounds an alarm when touched and sends out an electrical shock to trespasser

PIDAS fencing

Perimeter Intrusion Detection and Assessment System


Detects attempts to climb or cut the fence
Mesh-wire fence with a passive cable vibration sensor that sets off an alarm if an intrusion attempt is detected

Perimeter protection - Lighting


Lighting

Deters trespassers
Required in critical areas, entrances and parking lots

Ensure there are no dead zones

Where employees walk or gather

Dark areas between lighted areas


Illumination of lights should slightly overlap to ensure full coverage

Should be properly combined with surveillance tools

Types of physical intrusion-detection systems


Electro-mechanical: Most widely used
Magnetic switches
Metallic foil in windows
Pressure mats
Volumetric: Not used as often
Vibration
Microwave, ultrasonic, passive infrared
Photoelectric

Intrusion detection characteristics
Expensive and requires human intervention
Redundant power supply and emergency backup power are necessary
Can be linked to a central security system (fire and intruder detection)
Should have a fail-safe configuration
Should detect, and be resistant to, tampering
Can be penetrated: not a silver bullet

Electrical power
Primary power source
Provides day-to-day power
Needs dedicated feeders from utility substation

Alternate power source

Backup power in the event of a failure of the primary source

Generator
Uninterruptible Power Supply (UPS)

Online UPS

Primary power supply goes through this type of UPS constantly
Takes on load more quickly than a standby UPS
More expensive

Standby UPS

Monitors power line and switches to battery power when power is lost

Another feeder from a utility substation

Power interference
Clean power
Power supply has no interference or voltage fluctuation

Electromagnetic Interference (EMI)

Caused by difference between wires (hot, neutral, ground)

Incorrect wiring: neutral wire is at a different potential than ground wire

Improper grounding

Caused by lightning or electrical motors

Radio Frequency Interference (RFI)


Caused by fluorescent lighting, electric cables, components within electrical systems, radio signals

Transient noise
Disturbance imposed on a power line
Can damage devices, corrupt data, hurt people

Fire prevention
Approach to fire safety

Fire prevention can be accomplished through

Proper building construction and wiring


Developing and implementing safety procedures
Training employees
Housekeeping supplies and combustibles

Four legs of a fire

Heat, fuel, oxygen, chemical reaction

Fire prevention measures

Reduce temperature
Remove fuel
Disrupt possible chemical combustion
Remove oxygen

Automatic detector mechanisms


Ionization detector
Reacts to charged particles of smoke
Gives early warning
Thermal detector
Sounds when there is a change in temperature

Fixed or rate-of-rise temperature sensors

Photoelectric smoke detector


Sounds when source of light is interrupted

Optical detectors sound alarm when light beam is blocked by smoke

Infrared flame detector


Reacts to emissions of flames

Senses pulsation of flame

Fire types

Fire class | Type of fire | Elements of fire | Suppression method
Class A | Common combustibles | Wood, paper, cloth, plastics | Water, soda acid
Class B | Liquid | Petroleum, tars, oils, solvents, alcohol, gases | CO2, FM-200
Class C | Electrical | Electrical equipment, circuits and wires | Gas (Halon) or CO2. Nonconductive extinguishing agent
Class D | Combustible metals | Magnesium, sodium, potassium | Dry chemicals

Fire extinguishers
Halogenated fire extinguishers
Used so that equipment is not damaged by water

FM-200
Replacement for Halon without ozone-depleting chemicals

Uses chemicals instead of water

Carbon dioxide
Does not leave residue after use; does not cause damage to sensitive devices

Can suffocate people

Dry chemicals
Not effective against electrical fires

Fire suppression
Water pipe types
Wet pipe

Always contains water


Usually discharged at predefined temperatures
Pipes can freeze and break
Can cause water leakage
Most commonly used
Dry pipe
Water not in pipe
Release after a delay
Allows someone to shut down system before release of water
Pipes will not freeze and break (colder climate areas)
Pre-action system
Water released after a sprinkler head link is melted
Lets people react more quickly to false alarms; also allows for another method of extinguishing fire if possible

Deluge system
Sprinkler head is open
Releases a lot of water fast

Lecturer Shon Harris, CISSP, MCSE
President, Logical Security
www.LogicalSecurity.com
ShonHarris@LogicalSecurity.com

Coming next:

Class 10: Operations security


Register at the CISSP Essentials Library:
www.searchsecurity.com/CISSPessentials