CISSP Exam Notes - Physical Security Essay

4765 Words 20 Pages
CISSP Exam Notes - Physical Security

1

CISSP Exam Notes - Physical Security

1. Introduction
1.1 Physical security addresses the physical protection of the resources of an organization, which include people, data, facilities, equipment, systems, etc. It concerns with people safety, how people can physically enter an environment and how the environmental issues affect equipment and systems. People safety always takes precedence over the other security factors.
1.2 Physical security is the first line of defense.
1.3 Major sources of physical security threats are:
Ÿ Weather, e.g. temperature, humidity, water, flood, wind, snow, lightening, etc.
Ÿ Fire and Chemical, e.g. explosion, smoke, toxic material, industrial pollution,
…show more content…
air will flow out of a room when the door is open, which can avoid contamination of the room), protected intake vents to prevent tampering, monitoring of environmental condition, emergency power off, placement of HVAC

CISSP Exam Notes - Physical Security

Ÿ
Ÿ
Ÿ
Ÿ

3

system.
Power supplies – backup power supply, clean power supply, circuit breaker, access to power distribution panels, placement of power sockets.
Liquid and gas line – shutoff valve, positive flow (i.e. liquid or gas should flow out of a building, not in), leakage sensor, placement of liquid and gas lines.
Fire detection and suppression – fire or smoke detector and alarm, sprinkler, gas discharge system, placement of detectors and sprinkler heads.
Emergency lighting – essential power supply and battery for emergency lighting.

2.4 In general, a wall should have 1-hour fireproof rating. For data center or room which stores paper document, magnetic media, etc., the walls should have a minimum of 2-hour fireproof rating.

3. Perimeter Security
3.1 Perimeter security controls are used to prevent unauthorized access to a facility. They deal with access control, auditing and monitoring; intrusion detection and response.
3.2 The perimeter security requirements when a facility is in operation should be different from those when the facility is closed.
Access Control and Auditing
3.3 Physical access control mechanisms include:
Ÿ Lock and key.
Ÿ Access card and

Related Documents