
Security+ All-In-One Edition Chapter 7 – Physical Security

Brian E. Brzezicki


Presentation Transcript


  1. Security+ All-In-One Edition, Chapter 7 – Physical Security. Brian E. Brzezicki

  2. Note Note: A LOT of this chapter is “missing” from the book. That is, the book is only 12 pages. I have put over 70 slides in this chapter (one of the longest). These things you should expect to see on the exam. So pay extra attention to these slides!

  3. Physical Security

  4. There is NO security without Physical Security We spend A LOT of money on logical (technical) security. However without physical security there is NO security. Physical security is a weak link usually! • Attackers can walk off with machines • If I can get physical access to your machine I will be able to get whatever info I want or load “bad” software on it, or even just change the root/administrator account password! • Plug into a network and attack it from within!

  5. Some physical Security Attacks (187) • LiveCDs (Knoppix, BackTrack) • USB/CDs and “auto play” – talk about this LATER • No BIOS/Default BIOS passwords • Copying off sensitive data to removable media • Disk Imaging (how?) • Theft of equipment

  6. Physical Security Layers (n/b) • Deterrence – fences, guards, signs • Reducing/Avoiding damage by Delaying attackers – slow down the attackers (locks, guards, barriers) • Detection – motion sensors, smoke detectors • Incident assessment – response of guards, and determination of damage level • Response procedures – fire suppression, law enforcement notification etc

  7. Physical Security Terms and Concepts

  8. Bollards

  9. Bollards (n/b) Bollards are small concrete pillars, sometimes containing lights or flowers. They are used to stop people from driving through a wall, often put between a building and parking lot. They can be arranged to form a natural path for walking.

  10. Fencing (n/b) Can deter and delay intruders, first line of defense • Fences 3-4 feet high only deter casual trespassers • Fences 6-7 feet high are considered too high to climb easily • Fences 8 feet high are considered serious. Use for critical areas

  11. Walls (n/b) You know what they are • Choose a wall with the strength to support the security application. This might also include fire rating!

  12. Zones (n/b) Fences, Walls, Bollards, etc along with access control mechanisms can be brought together to create “security” zones. Each zone has some different security level or work type. • Example. • Lobby – low security, public access • Offices – medium security, restricted access • R&D – high security, extremely restricted access (see next slide)

  13. Security Zones (n/b) • Zones are used to physically separate areas into different security areas. • Each inner level becomes more restricted and more secure • Stronger Access Control and Monitoring at the entry point to each zone

  14. Lighting (n/b) Lighting is obviously important in perimeter security. It decreases the probability of criminal activity. • Each light should cover its own zone and there should not be gaps in the coverage • Coverage in fact should overlap. • Lighting should be directed AWAY from the security guards etc.

  15. Locks (n/b) • Mechanical – use a physical key (warded lock or tumbler) • Warded lock – basic padlock, cheap (image) • Tumbler lock – more pieces than a warded lock; the key fits into a cylinder, which moves the metal pieces so that the bolt can slide into the locked and unlocked position. • Pin tumbler – uses pins • Wafer – uses wafers (not very secure)

  16. Warded Lock (n/b)

  17. Tumbler Lock (n/b)

  18. Attacks against key type locks (n/b) Tension wrench – shaped like an L and is used to apply tension to the cylinder, then use a pick to manipulate the individual pins. Pick – used in conjunction with a tension wrench to manipulate the pins into place so you can turn the cylinder. Visualization next slide.

  19. Lock Picking

  20. Locks • Combination locks – rather than use a key, turn

  21. Locks (n/b) • Cipher locks – electronic locks • Combination can be changed • Combination can be different for different people • Can work during different times of day • Can have emergency codes • Can have “override codes”

  22. Cipher Lock

  23. Man Trap (n/b)

  24. Man Trap (n/b) • Avoids piggybacking • Can trap intruder

  25. Surveillance (n/b) CCTVs and recording devices to record video of site. • It deters criminal activity • Can be used later as evidence or to determine what happened. • CCTVs should generally have PTZ capability, and auto-irises.

  26. Intrusion Detection Systems (n/b) IDS (physical IDS, NOT network IDS) – help detect the physical presence of an intruder. Can be multiple types. Electromechanical – traditional types, determine an opening of a window by a break in connectivity. • Vibration sensors are also electromechanical • Pressure pads are also electromechanical

  27. IDS (n/b) Photoelectric – uses light beams to detect when something crosses the beam. (slide image) Passive Infrared (PIR) – monitors heat signatures in a room. (a lot of home automatic light systems are of this type) (slide image) Acoustical Detection – uses sound. Proximity detector/capacitance detectors – emits a measurable magnetic field. If the field is disrupted it sets off the alarm. (usually this field is a very small area, as magnetic fields disperse quickly as the area increases)

  28. Passive Infrared IDS Passive Infrared (PIR) – monitors heat signatures in a room. (a lot of home automatic light systems are of this type)

  29. Photoelectric IDS Photoelectric – uses light beams to detect when something crosses the beam.

  30. Personnel Access Controls

  31. Personnel access controls There are different technologies to grant access to a building, generally called an “access token” • User activated – a user does something (swipe cards, biometrics) • Proximity devices/transponders – a system recognizes the presence of an object. (“Electronic access control tokens” is a generic term for proximity authentication systems.)

  32. Smart Cards vs. Memory Cards What is a memory card? (see slide) What is a smart card? (see slide) How are they different? Which is more secure?

  33. Memory Cards

  34. Smart Card

  35. Biometrics (195) • Bio – life, metrics – measure • Biometrics verifies (authenticates) an individual's identity by analyzing a unique personal attribute (something they ARE) • Requires enrollment before being used* (what is enrollment? Any ideas) • EXPENSIVE • COMPLEX

  36. Biometrics (195) • Can be based on • behavior (signature dynamics) – might change over time • Physical attribute (fingerprints, iris, retina scans) • We will talk about the different types of biometrics later • Can give incorrect results • False negative – Type 1 error* (annoying) • False positive – Type 2 error* (very bad)

  37. CER (n/b) • Crossover Error Rate (CER)* is an important metric that is stated as a percentage that represents the point at which the false rejection rate equals the false positive rate. • A lower CER is better/more accurate*. (3 is better than 4) • Also called Equal Error Rate • Use CER to compare vendors' products objectively

  38. Biometrics (n/b) • Systems can be calibrated; for example, if you adjust the sensitivity to decrease false positives, you will probably INCREASE false negatives. This is where the CER comes in. (see next slide) • Some areas (like military) are more concerned with one error than the other (ex. would rather deny a valid user than accept an invalid user) • Can you think of any situations for each case?

  39. CER (n/b)

  40. Biometric problems? (n/b) • Expensive • Unwieldy • Intrusive • Can be slow (should not take more than 5-10 seconds)* • Complex (enrollment)

  41. Biometric Types Overview (n/b) We will talk in more depth of each in the next couple slides • Fingerprint • Hand Geometry • Retina Scan • Iris Scan • Keyboard Dynamics • Voice Print • Facial Scan

  42. Finger Print

  43. Fingerprint (n/b) • Measures ridge endings and bifurcations (changes in the qualitative or topological structure) and other details called “minutiae” • Full fingerprint is stored; the scanners just compute specific features and values and send those for verification against the real fingerprint.

  44. Hand Geometry (n/b) • Overall shape of hand • Length and width of fingers • This is significantly different between individuals

  45. Retina Scan

  46. Retina Scan (n/b) • Reads blood vessel patterns on the back of the eye. • Patterns are extremely unique

  47. Iris Scan

  48. Iris Scan (n/b) • Measures colors • Measures rifts • Measures rings • Measures furrow (wrinkle, rut or groove) • Provides most assurance of all biometric systems • IRIS remains constant through adulthood • Place scanner so sun does NOT shine through aperture*

  49. Keyboard dynamics (n/b) • Measures the speeds and motions as you type, including the time difference between characters typed, for a given phrase • This is more effective than a password, believe it or not, as it is hard to repeat someone's typing style, whereas it’s easy to get someone's password.

  50. Voice Print (n/b) • Enrollment, you say several different phrases. • Measures speech patterns, inflection and intonation (i.e., pitch and tone) • For authentication words are jumbled.
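
Slides 37 to 39 describe the CER as the point where the false rejection rate and the false positive rate meet as a system's sensitivity is adjusted. The Python sketch below is an added example, not part of the original presentation: it computes both error rates from constructed match scores for two hypothetical vendors and locates the crossover (the 0-100 score scale, the vendor data and the function names are all assumptions made for illustration).

```python
"""Crossover Error Rate (CER) from biometric match scores (added example)."""

# Constructed match scores, 0-100; higher means closer to the enrolled template.
# "genuine" attempts come from valid users, "impostor" attempts from invalid ones.
VENDOR_A = {
    "genuine": [62, 71, 75, 78, 80, 83, 85, 88, 91, 95],
    "impostor": [20, 28, 35, 41, 47, 52, 58, 64, 73, 79],
}
VENDOR_B = {
    "genuine": [70, 76, 80, 82, 85, 87, 90, 92, 94, 97],
    "impostor": [15, 22, 30, 36, 40, 45, 51, 57, 66, 74],
}


def error_rates(scores, threshold):
    """Return (FRR, FAR) in percent when a score >= threshold is accepted.

    FRR = false rejection rate (Type 1 error: valid user denied).
    FAR = false acceptance rate (Type 2 error: invalid user accepted).
    """
    genuine, impostor = scores["genuine"], scores["impostor"]
    frr = 100.0 * sum(s < threshold for s in genuine) / len(genuine)
    far = 100.0 * sum(s >= threshold for s in impostor) / len(impostor)
    return frr, far


def crossover(scores, thresholds=range(0, 101)):
    """Return (threshold, CER) at the first threshold where FRR and FAR are closest.

    With finite samples the two curves may not meet exactly, so the CER is
    reported as the mean of FRR and FAR at that threshold.
    """
    def gap(t):
        frr, far = error_rates(scores, t)
        return abs(frr - far)

    best = min(thresholds, key=gap)
    frr, far = error_rates(scores, best)
    return best, (frr + far) / 2


if __name__ == "__main__":
    for name, scores in (("A", VENDOR_A), ("B", VENDOR_B)):
        t, cer = crossover(scores)
        print(f"vendor {name}: CER {cer:.0f}% at threshold {t}")
    # Raising the threshold trades false accepts for false rejects.
    for t in (60, 72, 80):
        frr, far = error_rates(VENDOR_A, t)
        print(f"vendor A threshold {t}: FRR {frr:.0f}%  FAR {far:.0f}%")
```

On this constructed data vendor B has the lower CER, and moving vendor A's threshold from 60 to 80 drives false accepts to zero at the cost of rejecting more valid users, which is the trade-off slide 38 describes.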
