Deck 16: Physical and Infrastructure Security

Human-caused threats are less predictable than other types of physicalthreats.

For information systems, the role of logical security is to protect thephysical assets that support the storage and processing of information.

To implement a physical security program an organization mustconduct a risk assessment to determine the amount of resources to devote to physical security and the allocation of those resources against the various threats.

If a computer's temperature gets too cold the system can undergothermal shock when it is turned on.

Unauthorized physical access can lead to other threats.

The direct flame is the only threat from fire.

A person that becomes statically charged can damage electronicequipment by an electric discharge.

High humidity does not pose a threat to electrical and electronicequipment as long as the computer's temperature stays within the optimal range.

Misuse of the physical infrastructure includes vandalism, theft ofequipment, theft by copying, theft of services, and unauthorized entry.

Physical security must also prevent any type of physical access orintrusion that can compromise logical security.

Physical access control should address not just computers and other ISequipment but also locations of wiring used to connect systems, equipment and distribution systems, telephone and communications lines, backup media, and documents.

Physical security must prevent misuse of the physical infrastructurethat leads to the misuse or damage of the protected information.

Low-intensity devices such as cellular telephones do not interfere withelectronic equipment.

The CHUID is a PIV card data object.

_________ threats encompass conditions in the environment that can damage or interrupt the service of information systems and the data they contain.

An _______ condition occurs when the IS equipment receives less voltage than is required for normal operation.

_________ security, also called infrastructure security, protects the information systems that contain data and the people who use, operate, and maintain the systems.

Tornados, tropical cyclones, earthquakes, blizzards, lightning, and floods are all types of ________ disasters.

Human-caused threats can be grouped into the following categories: unauthorized physical access, theft, _________ and misuse.

________ physical threats are more difficult to deal with than environmental and technical threats.

_______ threats encompass threats related to electrical power and electromagnetic emission.

Physical security threats are organized into three categories: environmental threats, human-caused threats, and _________ threats.

Power utility problems can be grouped into three categories: undervoltage, overvoltage, and ________.

Noise along a power supply line, motors, fans, heavy equipment, microwave relay antennas, and other computers are all sources of _________.

To deal with the threat of smoke, the responsible manager should install _______ in every room that contains computer equipment as well as under raised floors and over suspended ceilings.

______ authentication is implemented by using a fingerprint or iris data object sent from the PIV card to the PACS.

The most essential element of recovery from physical security breaches is ____.

A(n) ________ is a battery backup unit that can maintain power to processors, monitors, and other equipment and can also function as a surge protector, power noise filter, and an automatic shutdown device.

The _______ authentication has an attendant supervise the use of the PIV card and the submission of the PIN and the sample biometric by the cardholder.