CompTIA Security+ (SY0-701) Study Notes PDF

Summary

This document is a study guide for the CompTIA Security+ (SY0-701) exam. It focuses on physical security, covering topics such as surveillance systems, brute force attacks, and access control. It details objectives and components of physical security.

Full Transcript

CompTIA Security+ (SY0-701) (Study Notes)
https://www.DionTraining.com

Physical Security

Objectives:
● 1.2 - Summarize fundamental security concepts
● 2.4 - Analyze indicators of malicious activity

● Physical Security
  ○ Physical Security
    ■ Measures to protect tangible assets (buildings, equipment, people) from harm or unauthorized access
  ○ Security Controls
    ■ Fencing and Bollards
      ● Bollards
        ○ Short, sturdy vertical posts controlling or preventing vehicle access
      ● Fences
        ○ Barriers made of posts and wire or boards to enclose or separate areas
    ■ Brute Force Attacks
      ● Forcible entry
      ● Tampering with security devices
      ● Confronting security personnel
      ● Ramming a barrier with a vehicle
    ■ Surveillance Systems
      ● An organized strategy to observe and report activities
      ● Components
        ○ Video surveillance
        ○ Security guards
        ○ Lighting
        ○ Sensors
    ■ Access Control Vestibules
      ● Double-door system electronically controlled to allow only one door open at a time
      ● Prevents piggybacking and tailgating
    ■ Door Locks
      ● Padlocks
      ● Pin and tumbler locks
      ● Numeric locks
      ● Wireless locks
      ● Biometric locks
      ● Cipher locks
      ● Electronic access control systems
    ■ Access Badges
      ● Use of Radio Frequency Identification (RFID) or Near Field Communication (NFC) for access

● Fencing and Bollards
  ○ Fencing and bollards stand out as some of the most primitive tools that are employed to safeguard assets and people
  ○ Fence
    ■ Structure that encloses an area using interconnected panels or posts
    ■ In terms of physical security, fences serve several purposes
      ● Provide a visual deterrent by defining a boundary that should not be violated by unauthorized personnel
      ● Establish a physical barrier against unauthorized entry
      ● Effectively delay intruders, which helps provide our security personnel a longer window of time to react
  ○ Bollards
    ■ Robust, short vertical posts, typically made of steel or concrete, that are designed to manage or redirect vehicular traffic
  ○ Fencing is considered to be more adaptable and well-suited for safeguarding large perimeters around the entire building
  ○ Bollards are really designed to counter vehicular threats in a specific area instead

● Attacking with Brute Force
  ○ Brute Force
    ■ Type of attack where access to a system is gained by simply trying all of the possibilities until you break through
  ○ In terms of physical security, brute force focuses on the following
    ■ Forcible Entry
      ● Act of gaining unauthorized access to a space by physically breaking or bypassing its barriers, such as windows, doors, or fences
      ● Use high-strength doors with deadbolt locks, metal frames, or a solid core
    ■ Tampering with security devices
      ● Involves manipulating security devices to create new vulnerabilities that can be exploited
      ● To protect against tampering with security devices, have redundancy in physical security measures
    ■ Confronting security personnel
      ● Involves the direct confrontation or attack of your organization's security personnel
      ● Security personnel should undergo rigorous conflict resolution and self-defense training to mitigate risks
    ■ Ramming barriers with vehicles
      ● Uses a car, truck, or other motorized vehicle to ram into the organization's physical security barriers, such as a fence, a gate, or even the side of your building
      ● Install bollards or reinforced barriers to prevent vehicles from driving into your facilities

● Surveillance Systems
  ○ Surveillance System
    ■ Organized strategy or setup designed to observe and report activities in a given area
  ○ Surveillance is often comprised of four main categories
    ■ Video Surveillance
      ● Can include the following
        ○ Motion detection
        ○ Night vision
        ○ Facial recognition
      ● Remote access
      ● Provides real-time visual feedback
      ● A wired solution security camera is physically cabled from the device back to the central monitoring station
      ● A wireless solution relies on Wi-Fi to send its signal back to the central monitoring station
      ● Pan-Tilt-Zoom (PTZ) System
        ○ Can move the camera or its angle to better detect issues during an intrusion
      ● Best places to have cameras
        ○ Data center
        ○ Telecommunications closets
        ○ Entrance or exit areas
      ● Cameras should be configured to record what they're observing
    ■ Security Guards
      ● Flexible and adaptable forms of surveillance that organizations use
      ● Help to reassure your staff or your customers that they are safe
    ■ Lighting
      ● Proper lighting is crucial for conducting effective surveillance using both video and security guards
      ● If you create well-lit areas, this can deter criminals, reduce shadows and hiding spots, and enhance the quality of your video recordings
    ■ Sensors
      ● Devices that detect and respond to external stimuli or changes in the environment
      ● There are four categories of sensors
        ○ Infrared Sensors
          ■ Detect changes in infrared radiation that is often emitted by warm bodies like humans or animals
        ○ Pressure Sensors
          ■ Activated whenever a specified minimum amount of weight is detected on the sensor that is embedded into the floor or a mat
        ○ Microwave Sensors
          ■ Detect movement in an area by emitting microwave pulses and measuring their reflection off moving objects
        ○ Ultrasonic Sensors
          ■ Measure the reflection of ultrasonic waves off moving objects

● Bypassing Surveillance Systems
  ○ Some of the different methods used by attackers to bypass your organization's surveillance systems
    ■ Visual Obstruction
      ● Blocking the camera's line of sight
      ● Can involve the following
        ○ Spraying paint or foam onto the camera lens
        ○ Placing a sticker or tape over the lens
        ○ Positioning objects like balloons or umbrellas in front of the camera to block its view
    ■ Blinding Sensors and Cameras
      ● Involves overwhelming the sensor or camera with a sudden burst of light to render it ineffective for a limited period of time
    ■ Interfering with Acoustics
      ● Acoustic systems are designed to listen to the environment to detect if someone is in the area or to eavesdrop on their conversations
      ● Jamming or playing loud music to disrupt the microphone's functionality
    ■ Interfering with Electromagnetic
      ● Electromagnetic Interference (EMI)
        ○ Involves jamming the signals that the surveillance system relies on to monitor the environment
    ■ Attacking the Physical Environment
      ● Exploit the environment around the surveillance equipment to compromise its functionality
        ○ Physical tampering, like cutting wires or physically disabling devices, is an effective strategy to bypass surveillance systems
        ○ Modern systems are equipped with countermeasures to help protect surveillance systems

● Access Control Vestibules
  ○ Access Control Vestibules
    ■ Double-door system that is designed with two doors that are electronically controlled to ensure that only one door can be open at a given time
  ○ These access control vestibules can also help prevent piggybacking and tailgating
    ■ Piggybacking
      ● Involves two people working together, where one person who has legitimate access intentionally allows another person who doesn't have proper authorization to enter a secure area with them
    ■ Tailgating
      ● Occurs whenever an unauthorized person closely follows someone who has legitimate access through the access control vestibule into the secure space without their knowledge or consent
    ■ The key difference between Piggybacking and Tailgating
      ● Piggybacking uses social engineering to gain consent of the person with legitimate access
      ● Tailgating doesn't use or obtain the consent of the person with legitimate access
  ○ Access control vestibules are usually integrated with electronic badges and operated by a security guard at the entrance to a secure facility or office building
    ■ Badges contain
      ● RFID (Radio-Frequency Identification)
      ● NFC (Near-field Communication)
      ● Magnetic strips
  ○ Security guards are often at access control vestibules because they provide
    ■ Visual deterrent
    ■ Assistance
    ■ Check identity
    ■ Response

● Door Locks
  ○ Door Locks
    ■ Critical physical security control measure designed to restrict and regulate access to specific spaces or properties, preventing unauthorized intrusions and safeguarding sensitive data and individuals
  ○ Types of Door Locks
    ■ Traditional Padlocks
      ● Easily defeated and offer minimal protection
    ■ Basic Door Locks
      ● Vulnerable to simple techniques like lock picking
    ■ Modern Electronic Door Locks
      ● Utilize various authentication methods for enhanced security
      ● Authentication Methods
        ○ Identification Numbers
          ■ Require entry of a unique code, providing a balance of security and convenience
        ○ Wireless Signals
          ■ Utilize technologies like NFC, Wi-Fi, Bluetooth, or RFID for unlocking
        ○ Biometrics
          ■ Rely on physical characteristics like fingerprints, retinal scans, or facial recognition for authentication
          ■ Biometric Challenges
            ● False Acceptance Rate (FAR)
              ○ Occurs when the system erroneously authenticates an unauthorized user
              ○ Lower FAR by increasing scanner sensitivity
            ● False Rejection Rate (FRR)
              ○ Denies access to an authorized user. Adjusting sensitivity can increase FRR
            ● Crossover Error Rate (CER)
              ○ A balance between FAR and FRR for optimal authentication effectiveness
  ○ Some electronic door locks use multiple factors, such as an identification number and fingerprint, to increase security
  ○ Cipher Locks
    ■ Mechanical locks with numbered push buttons, requiring a correct combination to open
    ■ Commonly used in high-security areas like server rooms
  ○ Secure entry areas in office buildings, often using electronic access systems with badges and PINs for authentication

● Access Badge Cloning
  ○ Radio Frequency Identification (RFID) and Near Field Communication (NFC) are popular technologies used for contactless authentication in various applications
  ○ Access Badge Cloning
    ■ Copying the data from an RFID or NFC card or badge onto another card or device
  ○ How does an attacker clone an access badge?
    ■ Step 1: Scanning
      ● Scanning or reading the targeted individual's access badge
    ■ Step 2: Data Extraction
      ● Attackers extract the relevant authentication credentials from the card, such as a unique identifier or a set of encrypted data
    ■ Step 3: Writing to a new card or device
      ● The attacker then transfers the extracted data onto a blank RFID or NFC card or another compatible device
    ■ Step 4: Using the cloned access badge
      ● Attackers gain unauthorized access to buildings, computer systems, or even make payments using a cloned NFC-enabled credit card
  ○ Access badge cloning is common because of its
    ■ Ease of execution
    ■ Ability to be stealthy when conducting the attack
    ■ Potentially widespread use in compromising physical security
  ○ How can you stop access badge cloning?
    ■ Implement advanced encryption in your card-based authentication systems
    ■ Implement Multi-Factor Authentication (MFA)
    ■ Regularly update your security protocols
    ■ Educate your users
    ■ Implement the use of shielded wallets or sleeves with your RFID access badges
    ■ Monitor and audit your access logs
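
One way to act on "Monitor and audit your access logs" is to look for badge activity that a single physical card could not produce. The following is an added example, not part of the original study notes; the log format, badge IDs, reader names, site map and the 20-minute travel threshold are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample log (assumed format): timestamp,badge,reader,direction
SAMPLE_LOG = """\
2024-05-06T08:01:10,BADGE-1001,HQ-LOBBY,IN
2024-05-06T08:03:45,BADGE-1002,HQ-LOBBY,IN
2024-05-06T08:09:30,BADGE-1001,ANNEX-DOCK,IN
2024-05-06T12:15:00,BADGE-1002,HQ-LOBBY,OUT
2024-05-06T12:50:00,BADGE-1002,ANNEX-DOCK,IN
2024-05-06T13:05:00,BADGE-1003,HQ-SERVER-ROOM,IN
2024-05-06T13:06:00,BADGE-1003,HQ-SERVER-ROOM,IN
"""

# Assumed site map: which building each badge reader belongs to.
READER_SITE = {
    "HQ-LOBBY": "HQ",
    "HQ-SERVER-ROOM": "HQ",
    "ANNEX-DOCK": "ANNEX",
}

# Assumed minimum time a person needs to get from one site to another.
MIN_TRAVEL = timedelta(minutes=20)


def parse_log(text):
    """Parse CSV log lines into (time, badge, reader, direction), sorted by time."""
    events = []
    for line in text.splitlines():
        if line.strip():
            ts, badge, reader, direction = line.strip().split(",")
            events.append((datetime.fromisoformat(ts), badge, reader, direction))
    return sorted(events)


def audit(events):
    """Flag badge use that one physical card cannot explain."""
    findings = []
    last_seen = {}  # badge -> (time, reader, direction) of its previous event
    for ts, badge, reader, direction in events:
        prev = last_seen.get(badge)
        if prev is not None:
            p_ts, p_reader, p_dir = prev
            moved_sites = READER_SITE[p_reader] != READER_SITE[reader]
            if moved_sites and ts - p_ts < MIN_TRAVEL:
                # Same badge at two sites faster than a person can travel.
                findings.append((badge, "impossible-travel", reader))
            elif direction == "IN" and p_dir == "IN":
                # Badge entered twice with no exit in between (anti-passback).
                findings.append((badge, "anti-passback", reader))
        last_seen[badge] = (ts, reader, direction)
    return findings


if __name__ == "__main__":
    for finding in audit(parse_log(SAMPLE_LOG)):
        print(finding)
```

A finding is a prompt to review camera footage and talk to the badge holder; an anti-passback hit can also come from someone who left by following a colleague out without badging.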
