From the course: CompTIA A+ Core 2 (220-1202) Cert Prep

Physical security

- Years ago, I had this buddy who had set up a web server that he was convinced was totally unhackable, and he's like, Mike, I'll pay you X number of dollars, well, it was a lot, if you can get to this computer, and I mean he really did have it set up pretty good, really robust, firewall, you know, all kinds of stuff. And I couldn't get into it. But what I could do is I put on a janitorial costume and I walked into his offices, walked up to the server room, and I physically removed the server and took it home. That's a true story, and I won that bet. So, in this episode, what I want to talk about is physical security.

Now, we've been talking about shells, let's talk about the three shells of physical security. We tend to draw physical security as a big circle around all of our stuff, and that's a fine way to start, but that's actually a little bit inaccurate. So, what we have is what we call Perimeter Security. And this is stuff to keep people from even getting on the property, to keep them away from anything. Secondly, then we're going to start having locks. Now, we tend to think about the idea of room locks here, although we can also put locks into buildings, but we're going to stick with rooms for right now. And the third part of physical security is for individual devices. What can we do to physically secure individual computers?

To secure our actual perimeter, we're talking about serious stuff here. To me, the big starter is a security guard. Security guards are amazing. Equally, a security guard can check credentials if somebody's really trying to get in and can stop them. So, security guards are great. The next one, and this is often done at the security guard position, but it doesn't have to be, is a mantrap. Now, a mantrap is simply a two-door scenario where somebody walks into a scenario, they close that door, and for a few moments they are completely isolated within the mantrap.
Usually within the mantrap, this is where credentials are checked, things are verified, there's probably a camera talking to the person. And then once that person is verified as being okay, we then go ahead and open the door and let them into the actual protected area itself.

The next big one, and this is where we start coming down to really the rooms, although I can also say buildings work as well here, and that is the idea of locking doors. So, traditionally just simply locking a door is a great start. However, a locked door can have some problems. Number one, you're going to need a key. So, how that key manifests can be a challenge. Also, we usually would like to have some kind of entry control roster, something where people sign in at the door. However, it's pretty hard to get people to sign in or people can spoof people's names and stuff like that. So, entry control rosters are rarely pieces of paper on the side of a door anymore. Although I could name a certain three-letter US federal agency that still does that at some locations, I ain't saying nothing.

Okay, so what we do instead for door locks is we tend to look for something a little bit more aggressive. One of them would be a badge reader. So, in this case, people are carrying around individual badges. Now, these badges are often RFID individual badges, and then what happens as a person goes up and approaches that door, they press the badge up to the door, they may also have to type in a PIN code, for example, and they actually have multifactor authentication in a situation like that. And yes, the entry control roster also updates that they just went in that door.

Similar to this are smart cards. The difference between a smart card and a badge reader is that a smart card is usually something that's going to be swiped or inserted. And in that case, someone is going to walk up to a door, they're then going to either swipe or insert a smart card, which reads it and then grants them entry.
Now, if you want to get a bit fancier, there are biometric locks. Now, the problem with biometric locks is that, for example, things like retina readers where people put their heads up to a screen and actually look in are actually pretty rare. I've only seen one once in my entire life of working in IT, and it was in a very, very high security kind of network operations center. It's the only time I've ever seen that. Fingerprint readers, I've seen a number of those.

Okay, so this is what's going to get you into the room. And now we're down to the individual host. So, to physically protect hosts, there are a number of devices you need to be aware of. Number one, some kind of cable lock. So, a cable lock is something that's going to physically hold down that individual computer. Cable locks are very common on things like laptops and such. They are seen, but not nearly as commonly on desktop workstation type systems.

However, if you've got servers, a lot of times these servers are going to be sitting in a rack someplace. So, if you want to prevent somebody like me from stealing your server, you might want to consider a server lock. A server lock simply physically locks the server into the rack, usually behind some kind of door, and that without the key, you're not going to actually get to the server itself.

Another big place we have to deal with individual systems is with USB. Thumb drives are a notorious problem when it comes to security. It is so easy to just go up to a computer, shove in a thumb drive and start grabbing data. So, you can actually turn off the USB port itself in BIOS. That's a common thing to do. But another one we like to see are USB locks. USB locks are physically little small, I'm going to call 'em a dongle for lack of a better term, that you shove into the USB ports. These will prevent people from physically inserting USB ports.
And then on top of that, if they're taken out, there's usually software on the system that gives some kind of warning to let you know, hey, wait a minute, somebody's actually pulled out one of these locks.

Now, the last one I want to talk about on the individual systems itself are privacy screens. Privacy screens are wonderful, and again, in a lot of security environments, they're very, very common. These usually manifest as nothing more than polarized screens that are placed on top of any type of monitor that you might be using. These are seen on desktops, they're seen on smart devices, all kinds of stuff. And basically it limits the field of view to a very, very tight, as little as about 60 degrees. So, you have to almost be directly in front of them to see the contents on the screen.

Oh, okay, wait, wait, wait. There's two more I want to show you 'cause I actually have these on me. Sorry, I had to go grab my keys. So, what we're looking at here are, these are key fobs. Now, key fobs are used in physical security primarily for like getting into parking garages. You rarely see them getting into, people getting into buildings, but they can be used in that aspect. And the last one is going to be hardware tokens. Hardware tokens are physical devices that provide some kind of information that help you get into a computer. Like for example, here's a picture of the famous RSA token, and this device puts out a number that changes, I believe every minute. And then you have to use this as part of your log on process to protect yourself.

Woo, that's a lot of stuff, isn't it? Physical security is really important, and I know as a tech you want to get into setting up firewalls and setting up anti-malware and stuff. And those things are important, but trust me, if you want to keep people like me out of your networks, never forget physical security.

- Wow, Mike, that's a lot of stuff, but wait, there's actually more.
The latest version of the A+ Core 2 exam has added some additional physical security elements that can be used to help secure a facility and prevent unauthorized entry or access.

Have you ever noticed those poles in the ground in front of a stadium entrance or an arena or along a walkway or bike lane? Here's a picture about what I'm talking about. Those are called bollards. They are sturdy, vertical posts used to block roadways and protect buildings, bicyclists and pedestrians from vehicles. Bollards can be fixed in place, they can be removable, or they can even be hydraulic, so they can be raised and lowered as needed. In a physical security context, their main purpose is to prevent vehicles from crashing into building entrances.

Okay, so let's say we've stopped the car or truck from smashing into the building, but what about people, or anything else up to no good who might try to walk or crawl onto the property? It can be really hard to watch an entire area, especially if it's large. That's where a video surveillance system comes in. Video systems, especially those with built-in motion detection, can record activity across a wide area. In fact, just having a camera visible can be a deterrent of its own. Video surveillance can be used for onsite monitoring, remote viewing, or recording footage on premise or in the cloud.

Motion detection can trigger a video system to start recording, but it can also detect movement in an indoor or outdoor space. When movement is detected, the sensor sends a signal that can trigger an alarm, rotate a camera, lock a door, or alert first responders and more. Depending on how you set it up, you can even adjust what the motion detector responds to. So, you can avoid false alarms caused by things like a small child or an animal walking by. A variation of a motion detector can also be installed on a window or doors to signal if they've been opened or damaged.
When cameras and motion detectors are triggered by an event, they typically send a signal to activate a security alarm. The alarm can sound a siren, a human voice warning, or other types of warnings. It also can be configured to notify security personnel at the organization as well as local authorities.

Now, probably the biggest deterrent an organization can use for physical security is a fence. A fence creates much more of a barrier than bollards and a far more visible deterrent than cameras, and it takes a lot more effort to overcome, or should I say climb over. A security fence should be tall enough to really act as a barrier. Whether it includes added deterrence like barbed wire, razor wire, or even electrification, depends on where it's located and what it's protecting. Some sites might even use two parallel fences with patrol lanes in between for guards or dogs.

Whichever of these elements an organization chooses to use will vary depending on many unique factors. But hopefully you can see how these physical security measures need to work together to create a complete, coherent security plan for the facility.
