2.1 – Security Measures - Physical Security for Staff

Questions and Answers

Which authentication method combines something you have with something you know?

• Mechanical key and ID card collateral.
• Key fob and a handprint scan.
• Retina scan followed by fingerprint scan.
• Smart card and a personal identification number. (correct)

Why is it beneficial for security to have well-lit areas around a building, besides general safety?

• It reduces the need for security personnel during the night.
• Infrared cameras work optimally in well-lit environments.
• It allows for better energy efficiency during daylight hours.
• Regular cameras capture more detailed images in lit areas. (correct)

What is the primary function of a key cabinet in an organization with mechanical locks?

• To automate the process of key duplication.
• To track and manage the distribution and return of keys. (correct)
• To serve as a secure storage for employee personal belongings.
• To eliminate the need for collateral when checking out keys.

What is the purpose of requiring collateral, like an ID card or phone, when checking out a key from a key cabinet?

To ensure the key is returned after use. (B)

What is a key fob?

A small RFID device for access. (A)

How do biometric fingerprint scanners authenticate a user's identity?

By creating a mathematical representation of the fingerprint and comparing it to stored data. (D)

What is a limitation of using a magnetometer for security screening?

It cannot detect non-metallic materials. (B)

What is the primary purpose of a Mobile Device Manager (MDM) in a BYOD environment?

To manage and secure company data on personal devices. (B)

In a BYOD setup, what is a 'logical partition' created by an MDM used for?

Separating personal and company data on the same device. (B)

Why are biometric authentication methods, like fingerprint scanning, difficult to change?

Physical biometric characteristics are very difficult to alter. (D)

Beyond simply opening doors, what additional function can an ID card serve in some organizations?

Serving as a smart card for system access. (A)

What is the primary difference between a retina scanner and a fingerprint scanner in terms of biometric authentication?

A retina scanner analyzes capillaries in the eye, while a fingerprint scanner reads the pattern on a fingertip. (D)

What is the MOST likely first step an IT security professional would take to protect company data on employee's phones used in a BYOD program?

Install a Mobile Device Manager (MDM). (D)

What is a common security measure taken to supplement biometric authentication, such as fingerprint scanning?

Using a personal identification number (PIN). (D)

Which factor is MOST important when choosing lighting as a security feature for a facility?

The brightness and angle of the light. (C)

An employee loses their access card. What is security's BEST course of action?

Deactivate the lost access card and issue a new one. (A)

Which scenario BEST exemplifies the use of 'something you are' as an authentication factor?

Using a fingerprint to unlock a phone. (C)

What is the MOST significant benefit of using a key fob over a traditional access card?

Key fobs are smaller and more convenient to carry on a keychain. (D)

Which protocol involves confirming identity by analyzing the unique patterns of blood vessels in the eye?

Retina scanning. (B)

What is the PRIMARY concern that organizations must address when implementing a BYOD (Bring Your Own Device) policy?

Maintaining the same level of security as on company-owned devices. (B)

Flashcards

Key Fob

A small RFID device, often attached to a keychain, used for electronic access to locked doors.

Smart Card

An ID card containing a certificate that confirms your identity when connected to a reader.

Mechanical Lock

A physical lock requiring a key to open, as opposed to electronic locks.

Key Cabinet

A secure cabinet used to manage and maintain physical keys within an organization.

Biometrics

Using unique biological traits to verify identity for access control.

Retina Scanner

A device that scans and records the unique capillary patterns in the retina for identification.

Fingerprint Scanner

A device that scans and records the patterns of a finger for identification.

Handprint Scanner

A device that scans and records the pattern of a hand for identification.

Magnetometer

A device that detects metal objects on a person.

BYOD (Bring Your Own Device)

The practice of employees using their personal mobile devices for work purposes.

MDM (Mobile Device Manager)

Software that manages and secures mobile devices used within an organization.

Study Notes

• Key fobs serve as compact RFID devices for accessing locked doors, attaching easily to keychains.
• They offer the same proximity functionality as access cards in a smaller, more convenient form.
• Smart cards contain certificates, verifying the cardholder's identity upon connection to a reader.
• Smart cards are often combined with a PIN or passphrase for multi-factor authentication.
• Card readers, either built-in or external via USB, are needed to read smart card certificates.
• Mechanical locks with physical keys offer an alternative to electronic locks.
• Key cabinets are used to manage and track physical keys in organizations.
• Organizations often require collateral, like an ID or phone, when checking out physical keys.
• Biometrics use physical traits like fingerprints, handprints, or retina scans for access.
• Biometric readers create mathematical representations of scanned features.
• Biometrics are hard to change and thus a reliable authentication method.
• Combining biometrics with other factors like PINs improves authentication security.
• Retina scanners identify users via unique capillary patterns in the eye.
• Handprint readers use the entire hand for biometric identification.
• Well-lit areas improve security by enhancing camera visibility.
• Magnetometers (metal detectors) identify metallic objects, commonly found in airports and large buildings.
• They cannot detect non-metallic materials like ceramics or plastics.
• BYOD (Bring Your Own Device) refers to employees using personal mobile phones for work.
• MDM (Mobile Device Manager) is used to manage and secure company data on personal devices.
• MDMs enable IT to set usage policies, install apps, and control features on phones.
• MDMs create logical partitions to separate personal and company data on devices.
• MDMs can enforce security policies like screen locks and PINs on BYOD devices.