Physical Security Quiz

Questions and Answers

Which of the following is NOT one of the three major concerns for physical security in order of importance?

• Environment (correct)
• Data
• Equipment
• Personnel

Which of the following is NOT one of the three main kinds of physical security measures?

• Detective
• Preventative
• Deterrent
• Corrective (correct)

What is the purpose of using RAID?

• To compress data to save storage space
• To encrypt data for secure transmission
• To increase the processing speed of data
• To copy data to more than 1 storage device to protect the data if any one device is destroyed (correct)

Which of the following is NOT one of the three major concerns for physical security in order of importance?

Location (B)

Which of the following is NOT one of the three main kinds of physical security measures?

Corrective (C)

Why is authenticity a risk in terms of customer information?

It may lead to processing fraudulent transactions (C)

Which of the following is true about risks?

A threat with no matching vulnerability does not constitute a risk (A)

What are controls in the context of risk mitigation?

Physical, logical, and administrative measures (C)

What do logical controls enable you to do?

Prevent unauthorized activities (B)

Flashcards

Purpose of RAID

Copying data to multiple storage devices to protect data from device failure.

Authenticity Risk

Processing fraudulent transactions due to the risk of customer information.

Risk Components

A threat combined with a vulnerability equals a risk; without a match, there's no risk.

Controls for Risk

Physical, logical, and administrative measures used to reduce risk.

Logical Controls

Controls that use technology to restrict unauthorized activities.

Study Notes

Physical Security Concerns

• Major concerns include unauthorized access, theft, and damage to physical assets.
• Importance of concerns often ranks from unauthorized access as the top priority.

Physical Security Measures

• Three main kinds of physical security measures are barriers, surveillance, and access control systems.
• Anything outside these categories is considered not part of the primary measures.

RAID Purpose

• Redundant Array of Independent Disks (RAID) offers data redundancy and performance improvement.
• Ensures data availability and protection against disk failures.

Risks in Information Security

• Authenticity is critical as it involves validating customer identity and data integrity.
• Risks associated with authenticity include identity theft and data manipulation.

Understanding Risks

• Risks can encompass various threats that may lead to losses, including cyber attacks and natural disasters.
• It is essential to assess potential impacts to prioritize action and resources.

Risk Mitigation Controls

• Controls include administrative, physical, and technical measures to minimize risks.
• Effective controls help in managing vulnerabilities and enhancing security.

Logical Controls

• Logical controls enable secure access to systems and information through software measures such as encryption and authentication.
• They are essential for protecting data in digital environments.