Osg Cissp

True or False: There can be security, even if there is no physical security.

True or False: If a malicious person can gain physical access to your facility or equipment, they can do just about anything they want, from destruction to disclosure and alteration.

Functional order of controls.

Security controls should be deployed so that initial attempts to access physical assets are [blank] (boundary restrictions accomplish this).

If deterrence fails, then direct access to physical assets should be [blank] (for example, locked vault doors).

If denial fails, your system needs to [blank] intrusion (for example, using motion sensors), and the intruder should be [blank] sufficiently in their access attempts to enable authorities to respond (for example, a cable lock on the asset).

Visibility, composition of the surrounding area, area accessibility, and the effects of natural disasters.

Understanding the level of security needed by your organization and planning for it before construction begins.

True or False: There should be equal access to all locations within a facility.

Areas that contain assets of higher value or importance should have what?

Valuable and confidential assets should be located where?

True or False: Centralized server or computer rooms need to be human compatible.

Where the networking cables for a whole building or just a floor are connected to other essential equipment, such as patch panels, switches, routers, LAN extenders, and backbone channels.

Most of the security for a wiring closet focuses on preventing what?

If a facility employs restricted areas to control physical security, then what's required?

True or False: Failing to track the actions of outsiders when they are granted access to a protected area can result in malicious activity against the most protected assets.

The security controls implemented to manage physical security can be divided into what three groups?

Facility construction and selection, site management, personnel controls, awareness training, and emergency response and procedures.

Access controls; intrusion detection; alarms; closed-circuit television (CCTV); monitoring; heating, ventilation, and air conditioning (HVAC) power supplies; and fire detection and suppression.

Fencing, lighting, locks, construction materials, mantraps, dogs, and guards.

True or False: Media storage facilities should be designed to securely store blank media, reusable media, and installation media.

Locked cabinets or safes, using a librarian/custodian, implementing a check-in/check-out process, and using media sanitization.

What's used to retain logs, drive images, virtual machine snapshots, and other datasets for recovery, internal investigations, and forensic investigations?

Dedicated/isolated storage facilities, offline storage, activity tracking, hash management, access restrictions, and encryption.

No matter what, what form of physical access control must be deployed to prevent abuse, masquerading, and piggybacking?

Propping open secured doors and bypassing locks or access controls.

Using someone else's security ID to gain entry to a facility.

Following someone through a secured gate or doorway without being identified or authorized personally.

Useful records as tools for physical access control.

How may audit trails and access logs need to be created?

If not created manually by security guards, how else may audit trails and access logs be generated?

You should also consider monitoring entry points with what?

True or False: Power supplied by electric companies is always consistent and clean.

True or False: Equipment damage because of power fluctuations is a common occurrence.

This is a type of self-charging battery that can be used to supply consistent clean power to sensitive equipment.

True or False: UPSs cannot provide continuous power even after the primary power source fails.

True or False: A UPS can continue to supply power for days or weeks depending on its capacity and the draw by equipment.

A momentary loss of power

A complete loss of power

Momentary low voltage

Prolonged low voltage

Momentary high voltage

Prolonged high voltage

An initial surge of power usually associated with connecting to a power source, whether primary or alternate/secondary

A steady interfering power disturbance or fluctuation

A short duration of line noise disturbance

Nonfluctuating pure power

The wire in an electrical circuit that is grounded

In addition to power considerations, maintaining the environment involves what?

Rooms containing primarily computers should be kept between what temperatures?

Between what percentages of humidity should a computer room be maintained?

Too much humidity can cause this, and too little humidity can cause that.

True or False: Even on nonstatic carpeting, if the environment has low humidity it is still possible to generate 20,000-volt static discharges.

True or False: Water leakage and flooding should not be addressed in your environmental safety policy and procedures.

True or False: Whenever possible, locate server rooms and critical computer equipment away from any water source or transport pipes.

True or False: Fire detection and suppression must not be overlooked.

In all circumstances and under all conditions, what should always be the most important goal/aspect of any security or protection system?

Yes or No: In addition to protecting people, is fire detection and suppression designed to keep damage caused by fire, smoke, heat, and suppression materials to a minimum, especially in regard to the IT infrastructure?

Yes or No: The destructive elements of a fire include smoke and heat but not the suppression medium, such as water or soda acid.

Yes or No: Smoke is damaging to most storage devices.

True or False: Heat cannot damage any electronic or computer component.

True or False: Suppression mediums can cause short circuits, initiate corrosion, or otherwise render equipment useless.

True or False: Not all issues caused by a fire and suppression issues must be addressed when designing a fire response system