Introduction to Physical Security

livogroup

8 Jan 201108:49

Summary

TLDRThis video introduces the key concepts of physical security, focusing on three main control types: physical access, technical, and administrative. Physical access controls include fences, man-traps, security guards, and biometric systems, designed to restrict unauthorized access. Technical controls such as CCTV and alarms enhance security measures, while administrative controls enforce policies and procedures like employee background checks and emergency preparedness. The video emphasizes the importance of understanding these systems for CISSP candidates and provides insights into balancing security technologies with human judgment for effective protection.

Takeaways

🔐 Physical security controls are divided into three main categories: physical access, technical, and administrative controls.
🛡️ Physical access controls include visible systems like fencing, man-traps, security guards, guard dogs, locks, and biometric access.
🚧 Fencing heights matter: 3-4 feet for deterring casual intruders, 6-7 feet to make climbing difficult, and 8 feet to deter determined intruders.
🚪 Man-traps control the flow of individuals to prevent piggybacking, using two doors where only one person can enter at a time.
👮 Security guards are still essential, offering sound judgment and serving as visible deterrents alongside modern technology.
🐕 Guard dogs enhance security with acute senses, though they lack the judgment of human security guards.
🔒 Locks are inexpensive and simple physical controls; types include preset, programmable, and electronic locks.
🖐️ Biometric access controls use unique physical traits like fingerprints and retina scans, providing a very accurate method of identification.
📉 Important biometric metrics for CISSP: False Reject Rate (FRR) and False Accept Rate (FAR), with the Cross Error Rate occurring when both are equal.
📹 Technical controls involve systems like CCTV, alarms, and intrusion detection, providing surveillance and complementing physical security measures.

Q & A

What are the three main types of physical security controls mentioned in the video?
-The three main types of physical security controls are physical access controls, technical controls, and administrative controls.
What is the purpose of physical access controls?
-Physical access controls are systems used to restrict access to a particular area and provide protection. Examples include fencing, man-traps, security guards, locks, and biometric access controls.
What height of fencing is used to deter casual intruders?
-Fences that are 3 to 4 feet tall are used to deter casual intruders.
How does a man-trap work, and what security function does it serve?
-A man-trap consists of two doors where one person must enter, close the first door behind them before opening the second door to access the area. It helps control the flow of individuals and prevents unauthorized access through piggybacking.
What is piggybacking, and how do man-traps help prevent it?
-Piggybacking occurs when an unauthorized person follows an authorized person into a secure area. Man-traps help prevent this by controlling individual access and ensuring only one person passes through at a time.
Why are security guards still needed despite modern surveillance equipment?
-Security guards are needed because they provide human judgment, which technology cannot. They also serve as a visible deterrent and can perform tasks such as escorting visitors.
What are the advantages and limitations of using guard dogs for physical security?
-Guard dogs have highly developed senses of smell and hearing, making them effective for detecting threats. However, they have limited judgment ability compared to human security guards.
What is the significance of the cross-error rate (CER) in biometric access controls?
-The cross-error rate (CER) is the point where the false reject rate (FRR) and false accept rate (FAR) are equal. It is important because it indicates the balance between denying authorized users and granting access to unauthorized users in biometric systems.
What is an example of a technical control in physical security?
-An example of a technical control is closed-circuit television (CCTV) systems, which provide surveillance and can be used to record events for later analysis.
What are administrative controls, and how do they support physical security?
-Administrative controls are policies and procedures that ensure the proper implementation of physical and technical controls. They include things like recording ingress and egress, conducting fire drills, and ensuring background checks for employees.