Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Physical Security Chapter 8.

Slides:



Advertisements
Similar presentations
1 COMPUTER GENERATED & STORED RECORDS CONTROLS Presented by COSCAP-SA.
Advertisements

PowerPoint ® Presentation Chapter 14 Homeland Security Homeland Security Building Layout Specific CBR Attack Prevention Recommendations Securing Outdoor-
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Computer Security Computer Security is defined as:
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
Physical and Environmental Security Chapter 5 Part 1 Pages 427 to 456.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security.
Copyright © Center for Systems Security and Information Assurance Lesson Seven Physical Security.
CSA 223 network and web security Chapter one
Security+ Guide to Network Security Fundamentals, Third Edition
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Information Security Principles and Practices
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Information Systems Security Physical Security Domain #4.
Chapter 8 Operating Systems and Utility Programs By: James Granahan.
Chapter 3.  Security Framework  Operational Security Lifecycle  Security Perimeter  Access Control  Social Engineering  Environmental Issues.
Security Measures Using IS to secure data. Security Equipment, Hardware Biometrics –Authentication based on what you are (Biometrics) –Biometrics, human.
E-business Security Dana Vasiloaica Institute of Technology Sligo 22 April 2006.
Security. If I get 7.5% interest on $5,349.44, how much do I get in a month? (.075/12) = * 5, = $ What happens to the.004? =
Chapter 10: Authentication Guide to Computer Network Security.
The Impact of Physical Security on Network Security
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Understanding Security Layers
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,
Physical Security Chapter 8.
BUSINESS B1 Information Security.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin Business Plug-In B6 Information Security.
Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.
System Security Chapter no 16. Computer Security Computer security is concerned with taking care of hardware, Software and data The cost of creating data.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Physical ways of keeping your system secure. Unit 7 – Assignment 2. (Task1) By, Rachel Fiveash.
Viruses Hackers Backups Stuxnet Portfolio Computer viruses are small programs or scripts that can negatively affect the health of your computer. A.
Chapter 5-Fire Safety Developing Effect Ways to Prevent and Deal With Fires in Your Home.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Physical (Environmental) Security
McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved INFORMATION SECURITY SECTION 4.2.
Topic 5: Basic Security.
Chap1: Is there a Security Problem in Computing?.
Site Security Policy Case 01/19/ : Information Assurance Policy Douglas Hines, Jr.
Computer Security By Duncan Hall.
Privilege Management Chapter 22.
Lesson 8-The Impact of Physical Security on Network Security.
Principles of Computer Security, Fourth Edition Copyright © 2016 by McGraw-Hill Education. All rights reserved. Physical Security Chapter 8.
Physical security By Ola Abd el-latif Abbass Hassan.
Physical Security Concerns for LAN Management By: Derek McQuillen.
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
Access Control Jeff Wicklund Computer Security Fall 2013.
Physical Security Ch9 Part I Security Methods and Practice CET4884 Principles of Information Security, Fourth Edition.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Chapter 14: System Administration Mark Milan. System Administration Acquiring new IS resources Maintaining existing IS resources Designing and implementing.
Physical Security at Data Center: A survey. Objective of the Survey  1. To identify the current physical security in data centre.  2.To analyse the.
Criminal Justice Intro to Security, Instructor Name Date, Semester Chapter 4: PHYSICAL SECURITY: STRUCTURAL, ELECTRONIC, AND HUMAN PROTECTION SYSTEMS.
Unit 1: Protecting the Facility (Virtual Machines)
Security Issues in Information Technology
BUSINESS DRIVEN TECHNOLOGY
Click to edit Master subtitle style
INFORMATION SECURITY The protection of information from accidental or intentional misuse of a persons inside or outside an organization Comp 212 – Computer.
Understanding Security Layers
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Level 2 Diploma Unit 11 IT Security
Lesson 16-Windows NT Security Issues
Security of Data  
Managing the IT Function
Module 2 OBJECTIVE 14: Compare various security mechanisms.
PLANNING A SECURE BASELINE INSTALLATION
G061 - Network Security.
Presentation transcript:

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Physical Security Chapter 8

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Objectives Define basic terminology associated with social engineering. Describe steps organizations can take to improve their security. Describe common user actions that may put an organization’s information at risk. Recognize methods attackers may use to gain information about an organization. Determine ways in which users can aid instead of detract from security.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Key Terms Access control Access tokens Autorun Biometrics BIOS passwords Bootdisk Closed circuit television (CCTV) Contactless access cards Drive imaging

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Key Terms (continued) False negative False positive Layered access LiveCD Mantrap Multiple-factor authentication Policies and procedures Smart cards USB devices

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 The Security Problem The problem that faces professionals charged with securing a company’s network can be stated rather simply: –Physical access negates all other security measures. No matter how impenetrable the firewall and intrusion detection system (IDS), if an attacker can find a way to walk up to and touch a server, he can break into it.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Physically securing information assets doesn’t mean just the servers; it means protecting physical access to all the organization’s computers and its entire network infrastructure. The Security Problem (continued)

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 The Security Problem Illustrated

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Using a Lower Privilege Machine to Get Sensitive Information

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Bootdisks Any media used to boot a computer into an operating system that is not the native OS on its hard drive could be classified as a bootdisk. These can be in the form of a floppy disk, CD, DVD, or a USB flash drive. Boot floppy disks can be used to attack machines with floppy drives. Utilities can be installed on the disk to allow for the stealing of password files and other information.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 LiveCDs A LiveCD contains a bootable version of an entire operating system. –This is typically a variant of Linux, complete with drivers for most devices. –LiveCDs give an attacker a greater array of tools than could be loaded onto a floppy disk. –These tools include scanners, sniffers, vulnerability exploits, forensic tools, drive imagers, password crackers, and more.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 A Sample of LiveCDs

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 The Autorun Feature

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Drive Imaging Drive imaging is the process of copying the entire contents of a hard drive to a single file on a different media. This process is often used by people who perform forensic investigations of computers. –A bootable media is used to start the computer and load the drive imaging software. –It makes a bit-by-bit copy of the hard drive or other attached media. –There will be no record of the copy being made.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Drive Imaging (continued) The information obtained from drive imaging contains every bit of data that is on the computer: any locally stored documents, locally stored s, and every other piece of information that the hard drive contains. This data could be very valuable if the machine holds sensitive information about the company. Encrypting files or the drive provides protection. Storing files on a files server can also help.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Physical Security Safeguards Walls and guards Policies and procedures Access control and monitoring Environmental controls Fire suppression

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Walls and Guards The primary defense against a majority of physical attacks are the barriers between the assets and a potential attacker—walls, fences, gates, and doors. Some employ private security staff to attempt to protect their assets.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Walls The most valuable assets should be contained on company servers. To protect the physical servers, you must look in all directions: –Doors and windows should be safeguarded and a minimum number of each should be used in a server room. –Is there a drop ceiling? –Is there a raised floor?

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Guards Guards are a visible presence with direct responsibility for security, so they provide an excellent security measure. Guards can monitor entrances and exits and can maintain access logs of who has entered and departed the building. Everyone who passes through security as a visitor should sign the log. It can be useful in tracing who was at what location and why.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Gated Access, Cameras, and a Guardhouse

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Policies and Procedures Physical security policies and procedures relate to two distinct areas: –Those that affect the computers themselves –Those that affect users

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Computer Policies Remove/disable the floppy disk system. Remove/disable the optical drive system. –If that is not possible, remove the device from the boot menu and set a BIOS password. Disallow USB drive keys, either with active directory or registry settings. –If that is not possible, implement aggressive anti-malware scanning.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Computer Policies (continued) Lock up equipment that contains sensitive data. Train all employees: –To challenge strangers –To follow procedures –To lock workstations before leaving them

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Access Controls and Monitoring Access control means having control of doors and entry points. –Locks –Layered access systems –Electronic door control systems –Closed circuit television (CCTV)

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Layered Access To help prevent an attacker from gaining access to important assets, these assets should be placed inside multiple perimeters. Access to the server room should be limited to staff with a legitimate need to work on the servers. Area surrounding the server room should also be limited to people who need to work in that area.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Closed Circuit Television (CCTV) Closed circuit television (CCTV) cameras are similar to the door control systems—they can be very effective, but how they are implemented is an important consideration. Carefully consider camera placement and the type of cameras used. Different iris types, focal lengths, and color or infrared capabilities are all options that make one camera superior over another in a specific location.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Environmental Controls Sophisticated environmental controls are needed for current data centers. Fire suppression is also an important consideration when dealing with information systems. Heating ventilating and air conditioning (HVAC) systems are critical for keeping data centers cool. –Typical servers put out between 1000 and 2000 BTUs of heat. –The failure of HVAC systems for any reason is cause for concern. –Properly securing these systems is important in helping prevent an attacker from performing a physical DoS attack on your servers.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Fire Suppression The ability to respond to a fire quickly and effectively is critical to the long-term success of any organization. The goal—never to have a fire—however, in the event that one does occur, mechanisms are in place to limit the damage the fire can cause.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Fire Suppression Systems Water-based Halon-based Clean-agent Handheld fire extinguishers

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Water-based Fire Suppression Have long been and still are the primary tool to address and control structural fires. Electrical equipment does not react well to large applications of water It is important to know what to do with equipment if it does become subjected to a water-based sprinkler system.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Halon-based Fire Suppression A fire needs fuel, oxygen, and high temperatures for the chemical combustion to occur. –If you remove any of these, the fire will not continue. Halon interferes with the chemical combustion present in a fire. They were originally popular because halon will mix quickly with the air in a room, and will not cause harm to computer systems. Halon is also dangerous to humans.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Clean-Agent Fire Suppression Clean-agent fire suppression systems not only provide fire suppression capabilities, but also protect the contents of the room, including people, documents, and electronic equipment. Examples of clean agents include –Carbon dioxide –Argon –Inergen –FM-200 (heptafluoropropane)

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Clean-Agent Fire Suppression (continued) CO2 displaces oxygen so that the amount of oxygen remaining is insufficient to sustain the fire. –Also provides some cooling in the fire zone and reduces the concentration of “gasified” fuel. Argon extinguishes fire by lowering the oxygen concentration below the 15 percent level required for combustible items to burn.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Clean-Agent Fire Suppression (continued) Inergen, a product of Ansul Corporation, is composed of three gases: 52 percent nitrogen, 40 percent argon, and 8 percent carbon dioxide. Inergen systems reduce the level of oxygen to about 12.5 percent, which is sufficient for human safety but not sufficient to sustain a fire.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Handheld Fire Extinguishers If a fire can be caught and contained before the automatic systems discharge, it can mean significant savings to the organization in terms of both time and equipment costs (including the recharging of the automatic system). There are four different types of fire, as shown in the next slide.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Handheld Fire Extinguishers (continued)

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Fire Detection Devices An essential complement to fire suppression systems and devices are fire detection devices (fire detectors). Detectors may be able to detect a fire in its very early stages.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Fire Detectors There are several different types of fire detectors. –Smoke activated Ionization – Detects ionized particles caused by fire Photoelectric – Detects degradation of light from smoke –Heat activated Fixed-temperature – Alerts if temperature exceeds a pre-defined level Rate-of-rise temperature – Detects sudden increases in temperature –Flame activated Relies on the flames from the fire to provide a change in the infrared energy that can be detected

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Authentication Authentication is the process by which a user proves that she is who she says she is. Authentication is performed to allow or deny a person access to a physical space. The heart of any access control system is to allow access to authorized users and to make sure access is denied to unauthorized people.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Access Tokens Access tokens are defined as “something you have.” An access token is a physical object that identifies specific access rights. Your house key, for example, is a basic physical access token that allows you access into your home. The primary drawback of token-based authentication is that only the token is being authenticated. Therefore, the theft of the token could grant anyone who possessed the token access to what the system protects.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Biometrics Biometrics use the measurements of certain biological factors to distinguish one specific person from others. These factors are based on parts of the human body that are unique. The most well known of these unique biological factors is the fingerprint. False positives and false negatives are two issues with biometric scanners.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 False Positives A false positive occurs when a biometric is scanned and allows access to someone who is not authorized—for example, two people who have very similar fingerprints might be recognized as the same person by the computer, which grants access to the wrong person.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 False Negatives A false negative occurs when the system denies access to someone who is actually authorized— for example, a user at the hand geometry scanner forgot to wear a ring he usually wears and the computer doesn’t recognize his hand and denies him access.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Other Issues with Biometrics Another concern with biometrics is that if someone is able to steal the uniqueness factor that the machine scans—your fingerprint from a glass, for example—and is able to reproduce that factor in a substance that fools the scanner, that person now has your access privileges. Another problem with biometrics is that parts of the human body can change.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Multiple-factor Authentication Multiple-factor authentication is simply the combination of two or more types of authentication. Three broad categories of authentication can be used: what you are (for example, biometrics), what you have (for instance, tokens), and what you know (passwords and other information).

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Chapter Summary Define basic terminology associated with social engineering. Describe steps organizations can take to improve their security. Describe common user actions that may put an organization’s information at risk. Recognize methods attackers may use to gain information about an organization. Determine ways in which users can aid instead of detract from security.