Physical Controls

CompTIA Security+ Certification (SY0-501) Chapter 7 - Beyond the Basic LAN
8 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$99.99
List Price:  $139.99
You save:  $40
€91.73
List Price:  €128.43
You save:  €36.69
£78.50
List Price:  £109.90
You save:  £31.40
CA$135.42
List Price:  CA$189.60
You save:  CA$54.17
A$152.22
List Price:  A$213.12
You save:  A$60.89
S$133.77
List Price:  S$187.28
You save:  S$53.51
HK$781.89
List Price:  HK$1,094.68
You save:  HK$312.79
CHF 88.30
List Price:  CHF 123.63
You save:  CHF 35.32
NOK kr1,058
List Price:  NOK kr1,481.24
You save:  NOK kr423.24
DKK kr684.10
List Price:  DKK kr957.77
You save:  DKK kr273.66
NZ$164.15
List Price:  NZ$229.81
You save:  NZ$65.66
د.إ367.20
List Price:  د.إ514.09
You save:  د.إ146.89
৳10,978.23
List Price:  ৳15,369.96
You save:  ৳4,391.73
₹8,290.53
List Price:  ₹11,607.08
You save:  ₹3,316.54
RM471.80
List Price:  RM660.54
You save:  RM188.74
₦156,534.34
List Price:  ₦219,154.34
You save:  ₦62,620
₨27,950.66
List Price:  ₨39,132.05
You save:  ₨11,181.38
฿3,595.26
List Price:  ฿5,033.51
You save:  ฿1,438.25
₺3,229.78
List Price:  ₺4,521.83
You save:  ₺1,292.04
B$499.40
List Price:  B$699.18
You save:  B$199.78
R1,883.20
List Price:  R2,636.56
You save:  R753.35
Лв179.42
List Price:  Лв251.19
You save:  Лв71.77
₩133,286.20
List Price:  ₩186,606.01
You save:  ₩53,319.81
₪365.03
List Price:  ₪511.06
You save:  ₪146.02
₱5,561.09
List Price:  ₱7,785.75
You save:  ₱2,224.66
¥14,911.76
List Price:  ¥20,877.07
You save:  ¥5,965.30
MX$1,670.32
List Price:  MX$2,338.52
You save:  MX$668.19
QR364.82
List Price:  QR510.77
You save:  QR145.94
P1,359.04
List Price:  P1,902.71
You save:  P543.67
KSh13,398.66
List Price:  KSh18,758.66
You save:  KSh5,360
E£4,718.65
List Price:  E£6,606.31
You save:  E£1,887.65
ብር5,656.15
List Price:  ብር7,918.84
You save:  ብር2,262.68
Kz83,512.74
List Price:  Kz116,921.18
You save:  Kz33,408.44
CLP$93,810.03
List Price:  CLP$131,337.80
You save:  CLP$37,527.76
CN¥710.61
List Price:  CN¥994.89
You save:  CN¥284.27
RD$5,917.87
List Price:  RD$8,285.25
You save:  RD$2,367.38
DA13,435.55
List Price:  DA18,810.31
You save:  DA5,374.76
FJ$226.69
List Price:  FJ$317.37
You save:  FJ$90.68
Q780.94
List Price:  Q1,093.35
You save:  Q312.40
GY$20,949.18
List Price:  GY$29,329.69
You save:  GY$8,380.51
ISK kr13,659.63
List Price:  ISK kr19,124.03
You save:  ISK kr5,464.40
DH1,002.67
List Price:  DH1,403.78
You save:  DH401.11
L1,768.33
List Price:  L2,475.73
You save:  L707.40
ден5,652.42
List Price:  ден7,913.61
You save:  ден2,261.19
MOP$805.88
List Price:  MOP$1,128.27
You save:  MOP$322.38
N$1,866.55
List Price:  N$2,613.25
You save:  N$746.69
C$3,681.10
List Price:  C$5,153.70
You save:  C$1,472.59
रु13,266.49
List Price:  रु18,573.62
You save:  रु5,307.13
S/368.83
List Price:  S/516.39
You save:  S/147.55
K382.06
List Price:  K534.91
You save:  K152.84
SAR375
List Price:  SAR525.02
You save:  SAR150.01
ZK2,508.19
List Price:  ZK3,511.57
You save:  ZK1,003.37
L456.04
List Price:  L638.48
You save:  L182.43
Kč2,310.02
List Price:  Kč3,234.13
You save:  Kč924.10
Ft36,211.46
List Price:  Ft50,697.50
You save:  Ft14,486.03
SEK kr1,038.11
List Price:  SEK kr1,453.39
You save:  SEK kr415.28
ARS$85,066.49
List Price:  ARS$119,096.49
You save:  ARS$34,030
Bs691.23
List Price:  Bs967.75
You save:  Bs276.52
COP$389,029.38
List Price:  COP$544,656.70
You save:  COP$155,627.31
₡50,979.09
List Price:  ₡71,372.77
You save:  ₡20,393.67
L2,470.17
List Price:  L3,458.33
You save:  L988.16
₲730,160.41
List Price:  ₲1,022,253.79
You save:  ₲292,093.37
$U3,841.23
List Price:  $U5,377.88
You save:  $U1,536.64
zł395.31
List Price:  zł553.46
You save:  zł158.14
Already have an account? Log In

Transcript

There are a lot of physical controls that you're going to be seen on the exam. So let's take some time and talk about them. Now, even though there are quite a few different types of physical controls, let's take advantage of the fact that we are aware assuming you've been watching other episodes of control functions, and let's break it down that way. So let's start off with deterrent controls. a deterrent physical control is designed to prevent bad guys from trying to actually get in to your physical infrastructure. So there are things that people can see from the outside that's going to prevent them from even trying.

So the three that I want to talk about first of all, are lighting. As everyone knows, a well lit exterior is going to prevent bad guys from trying to get in. Number two is signage. If you put a good enough sign and it's scary enough, hopefully that'll deter some of the bad actors as well. Last and this is a big one. We're going to see this again, our security guards.

Nobody wants to have to go into any type of physical perimeter where there's a guy sitting there staring at you with a badge. Now, deterrent controls are fantastic. But when we tend to talk about physical controls, we tend to concentrate on preventative controls. Probably the most well known famous physical preventative control is offense. So things like gates and fences are incredibly important for stopping people. Now if you really want to stop them, you can be using things barricades or big bollards holding up so that people can't crash through stuff.

Now, speaking of crash through stuff, the United States Department of State came up with something called k ratings. Now k ratings are super strong fences that are designed to stop vehicles. So let me show you a little chart on k ratings. There are basically 4k ratings Paying for is designed to stop vehicles of these are all 15,000 pound vehicles by the way. So k four stops, vehicles traveling 30 miles an hour, k eight stops vehicles traveling up to 40 miles an hour, and K 12 stops vehicles at a whopping 50 miles an hour. Now, great fencing and bollards are important tools for the perimeter.

But physical preventative controls don't end there. For example, things have to come in and out of these things. So one of the other things we have is a man trap. A man trap is nothing more than some type of entry system, which consists of two doors, somebody comes in, they are checked or whatever we do, they're actually locked in there for a moment and then an inner door is opened and they could do whatever they need to do. Now that's fantastic, but we don't want to think just in terms of people. Another big issue that is an important physical control is our cabling systems.

We don't want people To be able to get to our cabling systems. So traditionally, one of the big things we're going to do is an air gap, we're going to separate important cabling network distribution systems from everybody else. Now, that's not always possible. So there's some other options. So for example, VPN can come into play or a VLAN. Now, sometimes our cabling distribution systems are so important that we have to physically protect those.

So we can actually go through lockdown systems for our cabling systems to prevent bad people from accessing them. In fact, in larger infrastructures, we have complete protected distribution systems. In this case, these cabling systems could actually even go out into the public, but with shielding good locks and controls, we can protect those cabling systems in detail. Now let's continue with our physical preventatives. But now let's start talking about more inside the system. In this case, we can do a lot of different things.

For example, If we have important documents, a safe is an amazing preventative control. Even things like cabinets can be locked, enclosures can be locked. And while we're talking about things like worried about people also consider that sometimes we can have radio frequency or EMI come in terms of problems. So things like Faraday cages can be used to protect sensitive electronic equipment. Now, once we get this far down in the system, we start to talk in terms of individual people and what they can do. So the big word here is locks.

We use locks all the time and we could have retinal scanners or cards or even physical good old style keys, whatever you choose to use. These are fine things. But it's absolutely incredibly important that you have some form of key management system to control all this. In large organizations. You have security people whose only job is to keep track of where all the keys were all the cards, whatever it might be, and literally having some type of inventory system that keeps track of where all the keys are at any given moment, or at least who is in possession of them is absolutely critical. Now once you get down to your individual workstation, there's only two big things to consider.

Number one are cable locks. It's fairly easy for bad guys to physically grab cables and are granted. You've got bollards and fencing and security guards and cameras and signage and safes and all that. But even in house people can grab stuff. So cable locks are something to consider. Last are screen filters.

Keep in mind that just being able to see the type of data that's up on people's screens can be a serious intrusion into your security. So simply using a screen filter can often be a very, very powerful tool. Now, that is a lot of preventative tools, and those are probably most of the stuff you're going to be seeing on the exam. But there's one more let's talk about detective tools. A good detective control is going to well detect that something naughty is taking place. So probably the first one and the big one that comes to mind are alarms.

Now keep in mind, we're talking about physical controls here. So we're talking about real alarm systems. Now what is a good alarm system going to have? Well, it could have things like cameras, for example, that are noticing that something's happening. So we might have motion detectors associated with those. We could have infrared detectors.

So you could really get James Bondy about this if you want. But the important thing is that they are detecting that something bad is happening in the physical world. Now, the other one that's important are log files. We don't necessarily always have the ability to instantly recognize that things have taken place. So log files can be incredibly important in terms of tracking and letting people at least be aware of that. Certainly types of attacks have taken place.

So very, very important. Now the last ones I want to cover I'm going to kind of knock these out real quick are compensating and corrective controls. So they're not really heavily an issue when it comes to physical security controls that can be really important for technical and administrative controls. But in the physical world, you almost have to fight to come up with a situation to fit underneath these. Like for example, you could argue that the bad guys have punched a hole in offense. And you can't fix that control right now because you can't get the fence fixed.

So you get an extra security guard, you give them a chair and a light and you have them sit there right in front of the hole. So that would be one example of a compensating controls. So really, when we're talking about physical controls, concentrate on the first three that we talked about. Now the last thing I want to mention is that you've got to be careful with physical controls. A lot of physical controls could meet Different areas, for example, is a camera, a preventative control, or is it a detective control? Well, you could argue both ways.

What I will tell you on the exam is that when you run into questions like this, it will not make it hard for you to figure out which direction they want to go. Take your time read the questions, you'll be just fine.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.