(Page 1 of 5)
In this chapter, we looked at the topics in the fifth domain of the Security+ exam, Operational/Organizational Security.
You discovered that Physical Security involves the safety and security of physical components of your network. In the area of physical security, you learned about various facets of access control (the process by which you restrict access to physical resources), including:
You also looked at the environment in which your network operates. Be aware of wireless cells (areas in which wireless transmissions can occur) and take steps to ensure that unauthorized individuals cannot hop onto or snoop traffic on those networks. Carefully look at the location of your facilities, because improper location of resources can leave your network unnecessarily vulnerable to harm (like locating a machine room directly under a washroom). Additionally, careful placement of wireless antennas will help minimize vulnerability to unauthorized access. Similarly, shielding (of both equipment, to protect surrounding areas from RF, and buildings/rooms, to prevent leakage of RF from wireless communications) is often advised or even required to maintain confidentiality of data or network traffic. For example, metal paint and Mylar window covering can minimize wireless signal leakage and reduce your organizations vulnerability to war-driving (in which users cruise around outside buildings looking for open wireless access points).
Another area you reviewed in physical security is fire suppression. Computers and water dont mix well, so historically computer room fire suppression used Halon 1211 gas; recently due to ozone layer concerns, this was replaced with FE-36. In addition to arranging for suitable fire suppression technology for equipment rooms, also consider logistics. You should set your servers up with a batch function which can be invoked to shut them down in the event of an emergency; when a fire alarm occurs, invoke this function as you leave, so that no one can come along behind you (after setting the false alarm) and access the now-unguarded systems.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.