Physical Security Controls PDF

Summary

This document discusses various physical security controls, such as fences, bollards, turnstiles, and doors, and their different types. It provides security considerations for each type and emphasizes using a combination of barriers to deter unauthorized entry and prevent vehicle and pedestrian traffic within sensitive areas.

Full Transcript

Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Physical Barriers QO Physical barriers restrict unauthorized people from entering the building; always use a combination of barriers to deter unauthorized entry Fences/Metal 2 X Rails/Barricades = First line...

Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Physical Barriers QO Physical barriers restrict unauthorized people from entering the building; always use a combination of barriers to deter unauthorized entry Fences/Metal 2 X Rails/Barricades = First line of defense to stop trespassers Bollards = Other Physical Turnstiles |tisusedto = control vehicular and pedestrian traffic 2 barriers |t facilitates = entry and access controls |Include doors, windows, grills, glass, curtains, etc. Copyright © by | L All Rights Reserved. Reproductionis Strictly Prohibited Physical Barriers Many factors determine the physical security of an organization. These factors are essential considerations and contribute to the successful operation of physical security in an organization. The main goal of physical security is the control and prevention of unauthorized access, while physical barriers restrict unauthorized people from entering the building. Physical barriers define the physical boundary of an area and divide vehicle traffic from pedestrians. The use of a physical barrier deters and delays outsiders from entering the premises. An intruder or outsider can compromise a barrier by spending time and money as well as planning and contemplating on the site architecture. To discourage these intruders, it is a good policy to use a multilayer approach that includes external barriers, middle barriers, and internal barriers. External barriers include fences and walls; although they are built to form a structure, they inadvertently act as an obstruction. Middle barriers are equipment used to obstruct traffic and people. Internal barriers include doors, windows, grills, glass, and curtains. The following are different types of physical barriers used in a building. * Fences/electric fences/metal rails: These form the first line of defense against a trespasser and are the most commonly used type of physical barriers worldwide. Fences/metal rails/electric fences generally mark restricted and controlled areas and prevent unauthorized access. The aim of deploying physical barriers is as follows: o Block and deter attackers o Mark the boundary of the organization o Protect security guards from external attacks Module 06 Page 635 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 o Prevent the entry of vehicles o Protect against explosive attacks i ) o) s B E R WNRATARRRNRL ARERANARE f !“' wa » Figure 6.2: Metal Rails = Bollards: A bollard may be motor vehicles in parking people. Bollards are mainly require safety and security. defined as a short vertical post that controls and restricts areas, offices, etc. This facilitates the easy movement of used in building entrances, pedestrian areas, and areas that It is effective in controlling pedestrian and vehicle traffic in sensitive areas. Figure 6.3: Bollards = Turnstiles: This type of physical barrier allows entry to only one person at a time. Entry can be achieved only by the insertion of a coin, ticket, or pass. It allows security personnel to closely watch the people entering the organization and stop any suspicious persons at the gate. However, the use of a turnstile can hamper the fast evacuation of occupants in case of a fire emergency. Module 06 Page 636 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 Figure 6.4: Turnstiles = Other Barriers: These include doors, windows, grills, glass, and curtains installed to limit access to certain areas. o Doors: Doors can be used as a good structure to control the access of users in a restricted area. Door security may be increased with the installation of CCTV cameras, proper lighting systems, locking technology, etc. o Windows: An intruder can use windows to gain unauthorized access to restricted areas. Proper security measures should be considered while installing windows. Some of these considerations include the following: e Method of opening the window e Assembling and construction of the window e Technique used in locking the window e Hinges used for the window o @Grills: Grills should be used with doors and windows to strengthen security. Grills may be used for internal as well as external security. o Glass: Sliding glass doors and sliding glass windows also strengthen physical security. LN Vi IETTT Figure 6.5: Other Barriers Module 06 Page 637 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls = Exam 212-82 The following are security considerations for physical barriers: o Use a combination of barriers to deter unauthorized entry. O Use bullet-resistant windows and glass. Install doors both at the main entrance and inside the building. Lock doors and windows. Use electric security fences to detect the climbing and cutting of wires. Use alarms to alert security personnel of any intrusions through fences. Module 06 Page 638 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Security Pexsonnel ‘ / 02 - 0 1 / O / Physical 713 etih Efficient and well trained security personnel are critical to implement, monitor, and maintain the physical security of organization People involved in physical security include guards, safety officer, plant’s security officer/supervisor, etc. ri o S L2/ policies and procedures First aid and medical assistance ; Handling emergency ” situations o Fire prevention Patrolling procedures Trespassers and crowd management Copyright © byy EC-Council PYTIE! All Rights Reserved. L Reproductions Strictly | Prohibited Security Personnel Security personnel/guards are hired to implement, monitor, and maintain the physical security of an organization. They are responsible for developing, evaluating, and implementing security functions such as the installation of security systems to protect sensitive information from loss, theft, sabotage, misuse, and compromise. Hiring skilled and trained security personnel can be an effective security measure for any organization. They play a crucial role in physical security. However, organizations generally do not consider this a core competency to invest in as part of their strategic plan. Organizations should hire security personnel by themselves and provide adequate training on physical security. Alternatively, they can contact dedicated physical security service firms to handle physical security for them. There are organizations dedicated to training security officers, providing standardized procedures, and managing security on a 24 x 7 x 365 schedule by sharing guards across different organizations. The following are the people involved in physical security. = Guards: Their responsibilities include screening visitors and employees at the main gates or entrance; documenting names and other details about visitors; conducting regular patrols on the premises; inspecting packages, luggage, and vehicles; managing vehicle traffic; and guiding visitors to the reception area after noting their details. Guards should maintain visitor logs and record entry and exit information. Guards generally handle the use of CCTV cameras as a deterrent as well as a mechanism to detect and possibly prevent an intrusion. Module 06 Page 639 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 The plant’s security officers/supervisors: Their responsibilities include training and monitoring the activities of the guards; assisting guards during crisis situations; handling crowds; and maintaining the keys, locks, lights, greenery, etc. of the facility. Safety officers: Their responsibilities include implementing and managing safety-related equipment installed around the facility and ensuring the proper functioning of this equipment. Chief information security officer (CISO): In the past, it was common for the CISO of an organization to be an extremely technically competent individual who has held various positions with an enterprise security function or even has a networking or systems background. Today, a CISO is required to be much more than technically competent. The modern CISO must have a diversified set of skills to successfully dispatch their duties and establish organization. the appropriate level of security and security investment for their Continuous training for security personnel can provide great benefits and an effective team for the organization. Regardless of the position, security-related personnel should be selected based on the experience and qualification required for the job. Executives should thoroughly evaluate the personnel’s past experiences and, based on this information, provide adequate training to fill the gap between the ability and skills necessary for the job. An organization should train newly hired security personnel in the following areas: Organizational culture, ethics, and professionalism Security policies and procedures Policy enforcement Trespassers and crowd management Handling emergency situations Human and public relations Patrolling procedures Managing workplace violence First aid and medical assistance Fire prevention Vehicle traffic management Handling foreign guests, invitees, etc. Report writing Module 06 Page 640 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Use Quizgecko on...
Browser
Browser