CompTIA Security+ (SY0-701) Section 4.pdf

Full Transcript

CompTIA Security+
(SY0-701) (Study Notes)

Physical Security
Objectives:
● 1.2 - Summarize fundamental security concepts
● 2.4 - Analyze indicators of malicious activity

● Physical Security
○ Physical Security
■ Measures to protect tangible assets (buildings, equipment, people) from harm or
unauthorized access
○ Security Controls
■ Fencing and Bollards
● Bollards
○ Short, sturdy vertical posts controlling or preventing vehicle access
● Fences
○ Barriers made of posts and wire or boards to enclose or separate
areas
■ Brute Force Attacks
● Forcible entry
● Tampering with security devices
● Confronting security personnel
● Ramming a barrier with a vehicle
■ Surveillance Systems
● An organized strategy to observe and report activities
● Components
○ Video surveillance

33
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
○ Security guards
○ Lighting
○ Sensors
■ Access Control Vestibules
● Double-door system electronically controlled to allow only one door open
at a time
● Prevents piggybacking and tailgating
■ Door Locks
● Padlocks
● Pin and tumbler locks
● Numeric locks
● Wireless locks
● Biometric locks
● Cipher locks
● Electronic access control systems
■ Access Badges
● Use of Radio Frequency Identification (RFID) or Near Field
Communication (NFC) for access

● Fencing and Bollards
○ Fencing and bollards stand out as some of the most primitive tools that are employed to
safeguard assets and people
○ Fence
■ Structure that encloses an area using interconnected panels or posts
■ In terms of physical security, fences serve several purposes
● Provides a visual deterrent by defining a boundary that should not be
34
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
violated by unauthorized personnel
●

Establish a physical barrier against unauthorized entry

● Effectively delay intruders which helps provide our security personnel a
longer window of time to react
○ Bollards
■ Robust, short vertical posts, typically made of steel or concrete, that are
designed to manage or redirect vehicular traffic
○ Fencing is considered to be more adaptable and well-suited for safeguarding large
perimeters around the entire building
○ Bollards are really designed to counter vehicular threats in a specific area instead

● Attacking with Brute Force
○ Brute Force
■ Type of attack where access to a system is gained by simply trying all of the
possibilities until you break through
○ In terms of physically security, brute force focuses on the following
■ Forcible Entry
● Act of gaining unauthorized access to a space by physically breaking or
bypassing its barriers, such as windows, doors, or fences
● Use high-strength doors with deadbolt locks, metal frames, or a solid core
■ Tampering with security devices
● Involves manipulating security devices to create new vulnerabilities that
can be exploited
● To protect against tampering with security devices, have redundancy in
physical security measures

35
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
■ Confronting security personnel
● Involves the direct confrontation or attack of your organization's security
personnel
● Security personnel should undergo rigorous conflict resolution and
self-defense training to mitigate risks
■ Ramming barriers with vehicles
● Uses a car, truck, or other motorized vehicle to ram into the
organization's physical security barriers, such as a fence, a gate, or even
the side of your building
● Install bollards or reinforced barriers to prevent vehicles from driving into
your facilities

● Surveillance Systems
○ Surveillance System
■ Organized strategy or setup designed to observe and report activities in a given
area
○ Surveillance is often comprised of four main categories
■ Video Surveillance
● Can include the following
○ Motion detection
○ Night vision
○ Facial recognition
● Remote access
● Provides real-time visual feedback
● A wired solution security camera is physically cabled from the device back
to the central monitoring station
36
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
● A wireless solution relies on Wi-Fi to send its signal back to the central
monitoring station
● Pan-Tilt-Zoom (PTZ) System
○ Can move the camera or its angle to better detect issues during an
intrusion
● Best places to have cameras
○ Data center
○ Telecommunications closets
○ Entrance or exit areas
● Cameras should be configured to record what they’re observing
■ Security Guards
● Flexible and adaptable forms of surveillance that organizations use
● Helps to reassure your staff or your customers that they are safe
■ Lighting
● Proper lighting is crucial for conducting effective surveillance using both
video and security guards
● If you create well-lit areas, this can deter criminals, reduce shadows and
hiding spots, and enhance the quality of your video recordings
■ Sensors
● Devices that detect and respond to external stimuli or changes in the
environment
●

There are four categories of sensors
○ Infrared Sensors
■ Detect changes in infrared radiation that is often emitted
by warm bodies like humans or animals

37
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
○ Pressure Sensors
■ Activated whenever a specified minimum amount of
weight is detected on the sensor that is embedded into the
floor or a mat
○ Microwave Sensors
■ Detect movement in an area by emitting microwave pulses
and measuring their reflection off moving objects
○ Ultrasonic Sensors
■ Measures the reflection of ultrasonic waves off moving
objects

● Bypassing Surveillance Systems
○ Some of the different methods used by attackers to bypass your organization's
surveillance systems
■ Visual Obstruction
● Blocking the camera’s line of sight
● Can involve the following
○ spraying paint or foam onto the camera lens
○ placing a sticker or tape over the lens
○ positioning objects like balloons or umbrellas in front of the
camera to block its view
■ Blinding Sensors and Cameras
● Involves overwhelming the sensor or camera with a sudden burst of light
to render it ineffective for a limited period of time
■ Interfering with Acoustics
● Acoustic systems are designed to listen to the environment to detect if
38
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
someone is in the area or to eavesdrop on their conversations
● Jamming or playing loud music to disrupt the microphone’s functionality
■ Interfering with Electromagnetic
● Electromagnetic Interference (EMI)
○ Involves jamming the signals that surveillance system relies on to
monitor the environment
■ Attacking the Physical Environment
● Exploit the environment around the surveillance equipment to
compromise their functionality
○ Physical tampering, like cutting wires or physically disabling devices, is an effective
strategy to bypass surveillance systems
○ Modern systems are equipped with countermeasures to help protect surveillance
systems

● Access Control Vestibules
○ Access Control Vestibules
■ Double-door system that is designed with two doors that are electronically
controlled to ensure that only one door can be open at a given time
○ These access control vestibules can also help prevent piggybacking and tailgating
■ Piggybacking
● Involves two people working together with one person who has
legitimate access intentionally allows another person who doesn't have
proper authorization to enter a secure area with them
■ Tailgating
● Occurs whenever an unauthorized person closely follows someone
through the access control vestibule who has legitimate access into the
39
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
secure space without their knowledge or consent
■ The key difference between Piggybacking and Tailgating
● Piggybacking uses social engineering to gain consent of the person with
legitimate access
● Tailgating doesn’t use or obtain the consent of the person with legitimate
access.
○ Access control vestibules are usually integrated with electronic badges and operated by
a security guard at the entrance to a secure facility or office building
■ Badges contain
● RFID (Radio-Frequency Identification)
● NFC (Near-field Communication)
● Magnetic strips
○ Security guards are often at access control vestibules because they provide
■ Visual deterrent
■ Assistance
■ Check identity
■ Response

● Door Locks
○ Door Locks
■ Critical physical security control measure designed to restrict and regulate access
to specific spaces or properties, preventing unauthorized intrusions and
safeguarding sensitive data and individuals
○ Types of Door Locks
■ Traditional Padlocks
● Easily defeated and offer minimal protection
40
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
■ Basic Door Locks
● Vulnerable to simple techniques like lock picking
■ Modern Electronic Door Locks
● Utilize various authentication methods for enhanced security
● Authentication Methods
○ Identification Numbers
■ Require entry of a unique code, providing a balance of
security and convenience
○ Wireless Signals
■ Utilize technologies like NFC, Wi-Fi, Bluetooth, or RFID for
unlocking
○ Biometrics
■ Rely on physical characteristics like fingerprints, retinal
scans, or facial recognition for authentication
■ Biometric Challenges
● False Acceptance Rate (FAR)
○ Occurs when the system erroneously
authenticates an unauthorized user
○ Lower FAR by increasing scanner sensitivity
● False Rejection Rate (FRR)
○ Denies access to an authorized user.
Adjusting sensitivity can increase FRR
● Crossover Error Rate (CER)
○ A balance between FAR and FRR for optimal
authentication effectiveness

41
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
○ Some electronic door locks use multiple factors, such as an identification number and
fingerprint, to increase security
○ Cipher Locks
■ Mechanical locks with numbered push buttons, requiring a correct combination
to open
■ Commonly used in high-security areas like server rooms
○ Secure entry areas in office buildings, often using electronic access systems with badges
and PINs for authentication

● Access Badge Cloning
○ Radio Frequency Identification (RFID) and Near Field Communication (NFC) are popular
technologies used for contactless authentication in various applications
○ Access Badge Cloning
■ Copying the data from an RFID or NFC card or badge onto another card or device
○ How does an attacker clone an access badge?
■ Step 1: Scanning
● Scanning or reading the targeted individual’s access badge
■ Step 2: Data Extraction
● Attackers extract the relevant authentication credentials from the card,
such as a unique identifier or a set of encrypted data
■ Step 3: Writing to a new card or device
● Attacker will then transfers the extracted data onto a blank RFID or NFC
card or another compatible device
■ Step 4: Using the cloned access badge
● Attackers gain unauthorized access to buildings, computer systems, or
even make payments using a cloned NFC-enabled credit card
42
https://www.DionTraining.com

CompTIA Security+
(SY0-701) (Study Notes)
○ Access badge cloning is common because of its
■ Ease of execution
■ Ability to be stealthy when conducting the attack
■ Potentially widespread use in compromising physical security
○ How can you stop access badge cloning?
■ Implement advanced encryption in your card-based authentication systems
■

Implement Multi-Factor Authentication (MFA)

■ Regularly update your security protocols
■ Educate your users
■ Implement the use of shielded wallets or sleeves with your RFID access badges
■ Monitor and audit your access logs

43
https://www.DionTraining.com