Chapter 6 - Physical Security Controls PDF

Summary

This document discusses various physical security controls, including security/access badges, mechanical and digital locks, and contraband detection devices. Security/access badges are credential cards for authentication. Mechanical locks are key-operated, while digital locks use fingerprints, smart cards, or PINs. The document also covers electromagnetic/electric locks and combination locks.

Full Transcript

Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 Security/Access Badges Security/access badges are credential cards used to authenticate personnel while granting entry to an area secured with an automated access-control system These entry points include barriers such as parking gates, turnstiles, and doors @ When an access badge is read by a card reader, the facility code is forwarded to the access-control system to unlock the controlled access point, if the card is valid The access cards are equipped with a number called a facility code, which is unique to each badge holder Copyright © by L All Rights Reserved, Reproduction is Strictly Prohibited Security/Access Badges Security/access badges are credential cards used to authenticate personnel while gaining entry to an area secured with an automated access-control system. These entry points include barriers such as parking gates, turnstiles, and doors. The cards are assigned a number called the facility code, which is unique to each badge holder. These numbers are identified using various technologies such as smart cards, barcodes, biometrics, and magnetic stripe devices. When an access badge is read by a card reader, the facility code is forwarded to the access-control system (computer system) to unlock the controlled access point, if the card is valid. This system also records the details of access such as card swipe time and date for future reference. Module 06 Page 641 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 Physical Locks Mechanical locks Uses a combination of springs, tumblers, levers, and latches, and operates Digital locks -— Requires a fingerprint, smart card or PIN authentication to unlock by means of physical keys Electronic /Electric Combination locks Requires a sequence of /Electromagnetic locks Uses magnets, solenoids and motors to operate by numbers or symbols to unlock supplying or removing power Physical Locks Various types of locking systems are available to improve the restriction of unauthorized physical access. The organization should select an appropriate locking system according to their security requirements. The following are the different types of locks. = Mechanical locks: These provide an easy method to restrict unauthorized access in an organization. Mechanical locks come with or without keys. There are two types of mechanical locks. o Warded lock: A warded lock contains a spring-loaded bolt attached to a notch. A key inserted into the notch moves the bolt backward and forward. Only the correct key can be inserted into the notch, which blocks incorrect keys. o Tumbler lock: A tumbler lock consists of metal pieces inside a slot in the bolt. This prevents the bolt from moving. A correct key contains grooves that allow the bolt to move by raising the metal pieces above the bolt. Tumbler locks are further classified into pin tumbler, disk tumbler, and lever tumbler locks. = Digital locks: Digital locks require fingerprints, smart cards, is easy to handle and does not require keys, eliminating losing keys. It provides automatic locking for doors. The fingerprint impression, swipe their smart card, or enter the = Electric/electromagnetic locks: Electric locks or electronic locking systems operate on electric current. Locking and unlocking are achieved by supplying and eliminating power. Module 06 Page 642 or keypad PINs to unlock. It the chance of forgetting or user only has to use their PIN to unlock it. Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls Exam 212-82 The locks are activated or deactivated mainly using magnets or motors. They do not require keys to be maintained for the locking system. An electromagnetic lock or magnetic lock consists mainly of an electromagnet and an armature plate. The locking device can be of two types: fail safe and fail secure. Fail secure locks remain locked even during power loss, whereas fail safe locks remain inactive when de-energized. The electromagnetic part may be placed on a door frame, and the armature plate may be placed on the door. The magnetic flux created by the electromagnet creates an attractive force towards the armature plate, which initiates the door closing process. = Combination locks: These require the user to provide a combination of numbers and letters to unlock. Users may enter the combination sequence either through a keypad or by using a rotating dial that intermingles with several other rotating discs. Combination locks do not use keys for functioning. Module 06 Page 643 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls — Physical Controls Exam 212-82 Concealed Weapon/Contraband Detection Devices 9 O Contraband includes materials that are banned from entering the environment such as explosives, bombs, Q Use different tools such as handheld metal detectors, walkthrough metal detectors, X-ray inspection systems, etc. to detect contraband materials weapons, etc. Metal detectors X-ray inspection systems Walkthrough metal detectors =" Copyright © by EC All Rights Reserved. Reproductionis Strictly Prohibited Concealed Weapon/Contraband Detection Devices Contraband detection devices act as an important physical security control as they restrict undesirable activities and/or a person carrying contraband from entering the premises. Contraband refers to illegal materials such as explosives, bombs, and weapons, which should be banned from the premises. An attempt to enter the premises with contraband can be considered an act of terrorism. Contraband detection devices are able to detect such substances, even when they are covered by other objects. Different types of devices are used to detect contraband materials; examples are handheld metal detectors, walkthrough metal detectors, and X-ray inspection systems. = Walkthrough metal detectors are mainly used in airport terminals, schools, sports stadiums, etc. They help check people who have admission to certain areas. Furthermore, walkthrough detectors should be maintained and properly monitored. They should be deployed at each entry point of the organization. Figure 6.6: Walkthrough metal detectors Module 06 Page 644 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Controls - Physical Controls = Exam 212-82 Handheld metal detectors allow people to be screened more closely and detect suspicious objects. Handheld detectors are used in most places where walkthrough detectors are used. Figure 6.7: Metal Detectors » X-ray inspection systems are easy to handle and use. They use X-rays instead of visible light to screen objects. Figure 6.8: X-ray inspection systems Module 06 Page 645 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.