Kindle Notes & Highlights
D.
C.
C.
C.
B.
B.
D.
A.
Defense in depth (also known as layered security) refers to the security practice of implementing several layers of protection. You can’t simply take a single action, such as implementing a firewall or installing antivirus software, and consider yourself protected.
Control diversity is the use of different security control types, such as technical controls, administrative controls, and physical controls.
Vendor diversity is the practice of implementing security controls from different vendors to increase security.
Remember this: Layered security, or defense-in-depth practices, uses control diversity, implementing administrative, technical, and physical security controls. Vendor diversity utilizes controls from different vendors. User training informs users of threats, helping them avoid common attacks.
Remember this: In the event of a fire, door access systems should allow personnel to exit the building without any form of authentication. Access points to data centers and server rooms should be limited to a single entrance and exit whenever possible.
Proximity cards are small credit card-sized cards that activate when they are in close proximity to a card reader.
personal identification number (PIN).
Remember this: Proximity cards are credit card-sized access cards. Users pass the card near a proximity card reader and the card reader then reads data on the card. Some access control points use proximity cards with PINs for authentication.
Remember this: Door access systems include cipher locks, proximity cards, and biometrics. Cipher locks do not identify users. Proximity cards can identify and authenticate users when combined with a PIN. Biometrics can also identify and authenticate users.
Tailgating (also called piggybacking) occurs when one user follows closely behind another user without using credentials.
A mantrap is a physical security mechanism designed to control access to a secure area through a buffer zone.
Remember this: Tailgating is a social engineering tactic that occurs when one user follows closely behind another user without using credentials. Mantraps allow only a single person to pass at a time. Sophisticated mantraps can identify and authenticate individuals before allowing access.
Remember this: Video surveillance provides reliable proof of a person’s location and activity. It can identify who enters and exits secure areas and can record theft of assets.
Remember this: Fencing, lighting, and alarms all provide physical security. They are often used together to provide layered security. Motion detection methods are also used with these methods to increase their effectiveness. Infrared detectors detect movement by objects of different temperatures.
However, they often use bollards, which are short vertical posts, composed of reinforced concrete and/or steel.
Remember this: Barricades provide stronger barriers than fences and attempt to deter attackers. Bollards are effective barricades that can block vehicles.
Remember this: Cable locks are effective threat deterrents for small equipment such as laptops and some workstations. When used properly, they prevent losses due to theft of small equipment. Locking cabinets in server rooms provide an added physical security measure. A locked cabinet prevents unauthorized access to equipment mounted in server bays.
System sprawl occurs when an organization has more systems than it needs, and systems it owns are underutilized.
radio-frequency identification (RFID) methods
Heating, ventilation, and air conditioning (HVAC) systems are important physical security controls that enhance the availability of systems.
Remember this
Higher-tonnage HVAC systems provide more cooling capacity. This keeps server rooms at lower operating temperatures and results in fewer failures.
Remember this: HVAC systems increase availability by controlling temperature and humidity. Temperature controls help ensure a relatively constant temperature. Humidity controls reduce the potential for damage from electrostatic discharge and damage from condensation. HVAC systems should be integrated with the fire alarm systems and either have dampers or the ability to be turned off in the event of a fire.
Shielding helps prevent electromagnetic interference (EMI) and radio frequency interference (RFI) from interfering with normal signal transmissions.
Twisted-pair cable, such as CAT5e and CAT6 cable, comes in both shielded twisted-pair (STP) and unshielded twisted-pair (UTP) versions. The shielding helps prevent an attacker from capturing network traffic and helps block interference from corrupting the data.
Faraday Cage: A Faraday cage is typically a room that prevents signals from emanating beyond the room.
Remember this: EMI shielding prevents outside interference sources from corrupting data and prevents data from emanating outside the cable. Cable troughs protect cables distributed throughout a building in metal containers. A Faraday cage prevents signals from emanating beyond the cage.
Redundancy adds duplication to critical system components and networks and provides fault tolerance. If a critical component has a fault, the duplication provided by the redundancy allows the service to continue as if a fault never occurred.
A single point of failure is a component within a system that can cause the entire system to fail if the component fails.
Remember this: A single point of failure is any component whose failure results in the failure of an entire system. Elements such as RAID, failover clustering, UPSs, and generators remove many single points of failure. RAID is an inexpensive method used to add fault tolerance and increase availability.
Redundant array of inexpensive disks (RAID) subsystems provide fault tolerance for disks and increase the system availability.
RAID-0
RAID-0 (striping) is somewhat of a misnomer because it doesn’t provide any redundancy or fault tolerance.
RAID-1 (mirroring) uses two disks.
A RAID-5 is three or more disks that are striped together similar to RAID-0.
RAID-6 is an extension of RAID-5, and it includes an additional parity block.
Remember this: RAID subsystems, such as RAID-1, RAID-5, and RAID-6, provide fault tolerance and increased data availability. RAID-5 can survive the failure of one disk. RAID-6 can survive the failure of two disks.
A RAID-10 configuration combines the features of mirroring (RAID-1) and striping (RAID-0).
High availability refers to a system or service that needs to remain operational with almost zero downtime.
The primary purpose of a failover cluster is to provide high availability for a service offered by a server.
A load balancer can optimize and distribute data loads across multiple computers or multiple networks.

