Security+
All-In-One Edition
Chapter 7 – Physical Security
Brian E. Brzezicki
Note
Note: A LOT of this chapter is “missing” from the book.
That is, the book is only 12 pages; I have put over 70
slides in this chapter (one of the longest). These are
things you should expect to see on the exam. So
pay extra attention to these slides!
Physical Security
There is NO security without
Physical Security
We spend A LOT of money on logical (technical)
security. However without physical security there is
NO security. Physical security is a weak link
usually!
• Attackers can walk off with machines
• If I can get physical access to your machine I will be able to get whatever info I want or load “bad” software on it, or even just change the root/administrator account password!
• Plug into a network and attack it from within!
Some physical Security Attacks
(187)
• LiveCDs (Knoppix, BackTrack)
• USB/CDs and “auto play” – talk about this LATER
• No BIOS/Default BIOS passwords
• Disk Imaging (how?)
• Copying off sensitive data
Physical Security Layers (n/b)
• Deterrence – fences, guards, signs
• Reducing/Avoiding damage by Delaying attackers – slow down the attackers (locks, guards, barriers)
• Detection – motion sensors, smoke detectors
• Incident assessment – response of guards, and determination of damage level
• Response procedures – fire suppression, law enforcement notification, etc.
Physical Security Terms and
Concepts
Bollards
Bollards (n/b)
Bollards are small concrete pillars, sometimes
containing lights or flowers.
They are used to stop people from driving through
a wall, often put between a building and parking
lot.
They can be arranged to form a natural path for
walking.
Fencing (n/b)
Can deter and delay intruders; first line of defense
• Fences 3-4 feet high only deter casual trespassers
• Fences 6-7 feet high are considered too high to climb easily
• Fences 8 feet high are considered serious. Use for critical areas
Walls (n/b)
You know what they are
• Choose a wall with the strength to support the security application. This might also include fire rating!
Zones (n/b)
Fences, Walls, Bollards, etc along with access control
mechanisms can be brought together to create
“security” zones. Each zone has some different
security level or work type.
• Example.
  – Lobby – low security, public access
  – Offices – medium security, restricted access
  – R&D – high security, extremely restricted access
(see next slide)
Security Zones (n/b)
• Zones are used to physically separate areas into different security areas.
• Each inner level becomes more restricted and more secure
• Stronger Access Control and Monitoring at the entry point to each zone
Lighting (n/b)
Lighting is obviously important in perimeter
security. It decreases the probability of criminal
activity.
• Each light should cover its own zone and there should not be gaps in the coverage
• Coverage in fact should overlap.
• Lighting should be directed AWAY from the security guards etc.
Locks (n/b)
• Mechanical – use a physical key (Warded lock or tumbler)
  – Warded lock – basic padlock, cheap (image)
  – Tumbler lock – more pieces than a warded lock; the key fits into a cylinder, which moves the metal pieces such that the bolt can slide into the locked and unlocked position.
    • Pin tumbler – uses pins
    • Wafer – uses wafers (not very secure)
Warded Lock (n/b)
Tumbler Lock (n/b)
Lock types (n/b)
There are different lock grades
• Grade 1 – commercial
• Grade 2 – heavy duty residential, light commercial
• Grade 3 – residential throw away locks
There are also 3 cylinder categories
• Low – no pick or drill resistance provided
• Medium – a little pick resistance
• High – higher degree of pick resistance
Attacks against key type locks (n/b)
Tension wrench – shaped like an L and is used to
apply tension to the cylinder, then use a pick to
manipulate the individual pins.
Pick – used in conjunction with a tension wrench to
manipulate the pins into place so you can turn the
cylinder
Visualization next slide
Lock Picking
Locks
• Combination locks – rather than use a key, turn
Locks (n/b)
• Cipher locks – electronic locks
  – Combination can be changed
  – Combination can be different for different people
  – Can work during different times of day
  – Can have emergency codes
  – Can have “override codes”
Cipher Lock
Man Trap (n/b)
• Avoids piggybacking
• Can trap intruder