Information Security assignment

Q1. How does physical access control differ from the logical access control described in earlier chapters? How is it similar?

Physical access controls prevent people from entering places or things they should not enter, or places that have been physically locked. Logical access controls offer technological ways to control the privacy of material that another person can see, while each person can have settings different from others. Both of these controls keep unwanted people from seeing information that is private or from entering places that are private; they were created as a means of privacy from others.

Q2. List and describe the four categories of locks. In which situation is each type of lock preferred? (Hint: manual key, programmable key, electronic and biometric key.)

A manual key is used to open things such as doors, cars, office buildings, mailboxes, and much more. A programmable key is something that would be used to help people clock in and out of work easily and also allows people to use their car keys to lock their vehicle. An electronic key allows people to move from one part of a building to another by swiping the key in front of an electronic reader, and also allows people into their hotel rooms with the swipe of a card. A biometric key is created for people to use with their fingerprints or facial features, as many smartphones do now.

Q3. Describe a physical firewall that is used in buildings. List the reasons why an organization might need firewalls for physical security controls.

A physical firewall that is used in buildings creates a fireproof barricade that stops a fire at each wall. These physical firewalls are used in large buildings to separate organizations from one another. The firewalls are used for physical security controls to keep fire only in the section in which it started. They are also used to keep costs down in case of a fire so not as much is lost.

Q4. List and describe the three fundamental ways that data can be intercepted. How does a physical security program protect against each of these data interception methods?

Hackers can crack codes and steal information that is not supposed to be for them to see. Viruses can attack your information and make it disappear before you have a chance to catch it and remove it. Human error is another fundamental way data can be intercepted accidentally. A physical security program such as a password can protect a person from any of these three threats.

Q5. What can you do to reduce the risk of laptop theft?

There are a number of things a person can do to control the theft of a laptop computer, such as keeping it with you at all times, keeping it password protected, and never allowing anyone to use or borrow it.

Principles of Information Security, 4th Edition
Chapter 9 Review Questions

1. What is physical security? What are the primary threats to physical security? How are they manifested in attacks against the organization?

Physical security addresses the design, implementation, and maintenance of countermeasures that protect the physical resources of an organization. This means the physical protection of the people, hardware, and the supporting system elements and resources associated with the management of information in all its states: transmission, storage, and processing.

The primary threats to physical security include the following: inadvertent acts – potential acts of human error or failure, potential deviations in quality of service by service providers, and power irregularities; deliberate acts – acts of espionage or trespass, acts of information extortion, acts of sabotage or vandalism, acts of theft, software attacks, and compromises to intellectual property; acts of God – forces of nature; technical failures – technical hardware failures or errors and technical software failures or errors; and management failures – technical obsolescence.

In the physical environment, a potential act of human error or failure can be represented by an employee accidentally spilling coffee on his or her laptop computer. A compromise to intellectual property can include an employee without an appropriate security clearance copying a classified marketing plan. A deliberate act of espionage or trespass could be exemplified by a competitor sneaking into a facility with a camera. Deliberate acts of sabotage or vandalism can be physical attacks on individuals or property with the intent to sabotage or deface; deliberate acts of theft are perhaps the most common of these threats. Examples include employees stealing computer equipment, credentials, passwords, and laptops. Acts of God include lightning hitting a building and causing a fire. Quality of service deviations from service providers, especially power and water, also represent physical security threats. Technical hardware failures or errors and technological obsolescence both have common examples in physical security.

2. What are the roles of IT, security, and general management with regard to physical security?

Physical security is designed and implemented in several layers. Each community of interest in the organization is responsible for components within these layers.

General management: Responsible for the security of the facility in which the organization is housed and the policies and standards for secure operation. This includes exterior security, building access, as well as other controls.

How does physical security or physical access control differ from logical access control described in earlier chapters? How are they similar?
Both physical and logical access control are concerned with regulating who or what can access restricted areas, but logical access control refers to restricting virtual access to data, digital resources and computer networks, whereas physical access control restricts actual pedestrian footfall to buildings, rooms and ...

What is the difference between physical and logical security?
Protecting the people involves a combination of physical and logical security. Physical security keeps them safe by allowing only authorized individuals into the building. Logical security protects their computers and data from unauthorized access.

What are physical access controls?
Physical access control systems (PACS) are a type of physical security designed to restrict or allow access to a certain area or building.

Why is physical access control important?
Physical access controls not only enhance security but also allow for efficiency, only requiring one form of authentication, a physical trait (fingerprint, retina, palm of hand). This eliminates the risk of a card being stolen or a PIN being hacked.