Domain 3

Cards (64)

  • Access Control Categories
    • Administrative (Directive) Controls
    • Technical Controls
    • Physical Controls
  • Administrative (Directive) Controls
    • Organizational policies and procedures
    • Regulation
    • Training and awareness
  • Technical Controls
    • Hardware/software/firmware - Firewalls, routers, encryption
  • Physical Controls
    • Locks, fences, guards, dogs, gates, bollards
  • Access Control Types
    • Preventative
    • Detective
    • Corrective
    • Recovery
    • Deterrent
    • Compensating
  • Preventative
    Prevents an action from happening - Least privilege, drug tests, IPS, firewalls, encryption
  • Detective
    Controls that detect an attack during or after it happens - IDS, CCTV, alarms, anti-virus
  • Corrective
    Controls that correct the effects of an attack - Anti-virus, patches, IPS
  • Recovery
    Controls that help us recover after an attack - DR environment, backups, HA environments
  • Deterrent
    Controls that deter an attack - Fences, security guards, dogs, lights, "Beware of the dog" signs
  • Compensating
    Controls that substitute for a primary control that is impossible or too costly to implement
  • Fences
    • Low fences act as a deterrent; taller ones act as a preventive control
    • Ensure entrances to and exits from the facility happen through only a few entry points
  • Gates
    • Placed at control points at the perimeter
    • Used with the fences to ensure access only happens through a few entry points
  • ASTM Standard for Gates
    • Class I Residential
    • Class II Commercial/General Access
    • Class III Industrial/Limited Access
    • Class IV Restricted Access
  • Bollards
    • Used to prevent cars or trucks from entering an area while allowing foot traffic to pass
    • Can be static heavy-duty objects or electronically raised/lowered
  • Lights
    • Should fully illuminate the entire area
    • Can be static, motion activated or automatic/manual Fresnel lights
  • Lumen
    Unit of total light output (luminous flux); 1 lumen per square foot is 1 foot-candle
  • Lux
    1 lumen per square meter (1 foot-candle is roughly 10.76 lux)
  • CCTV
    • Used to monitor the facility's perimeter and the inside of the facility
    • Older cameras are analog and record to video tape; modern cameras are digital (CCD/CMOS sensors) and record to a DVR, or to an NVR for IP cameras
    • Organizations may have retention requirements for video footage
    • Cameras can be either fixed or movable (pan/tilt/zoom)
  • Key locks
    • Require a physical key to unlock
    • The key's bitting code (the depth of each cut) can be read from a photo or impression and used to cut a duplicate key
    • A pin tumbler lock uses pins of varying lengths to prevent the lock from opening without the correct key
    • Lock picking and lock bumping can be used to open locks without the key
    • Master keys open any lock in a given area or security zone
  • Interchangeable core locks
    • Use a specialized "control" key for insertion and extraction of the core
    • The control key should be kept secure and access to it should be very restricted
  • Combination Locks
    • Not very secure and have limited accountability even with unique codes
    • Should be used for low-security areas only
    • Can be dial type, push button or keypad
    • Susceptible to brute force and shoulder surfing, and often left at default or easily guessed codes
  • Smart Cards
    • Contact cards are inserted into a reader to be read
    • Contactless cards are read by proximity using RFID/NFC
  • Magnetic Stripe Cards
    Swiped through a reader, no chip, very easy to duplicate
  • Tailgating/Piggybacking
    Following an authorized person into an area you are not authorized to enter, often combined with social engineering; can also be an authorized employee walking out the wrong door or taking a shortcut
  • Mantrap
    • A room with 2 doors (also called an access control vestibule); Door 1 must close completely before Door 2 can be opened
    • Each door has a different authentication method
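The interlock on the mantrap card is easy to get subtly wrong in software (opening the inner door while the outer is still ajar, or accepting a PIN from someone who never badged in). The following is an added example, not code from the original deck: a small Python controller that enforces both rules, with constructed badge and PIN tables standing in for a real access-control database.

```python
from enum import Enum


class Door(Enum):
    OUTER = "outer"
    INNER = "inner"


# Constructed allow-lists standing in for the badge database and PIN store (assumption).
BADGE_TO_SUBJECT = {"B-1001": "alice", "B-2002": "bob"}
PIN_OF_SUBJECT = {"alice": "4821"}


def badge_check(cred):
    """Outer door: the presented badge must map to the claimed subject."""
    return BADGE_TO_SUBJECT.get(cred.get("badge")) == cred.get("subject")


def pin_check(cred):
    """Inner door: a different factor, the subject's PIN."""
    return PIN_OF_SUBJECT.get(cred.get("subject")) == cred.get("pin")


class Mantrap:
    """Two-door interlock: one door may open only while the other is fully closed,
    each door uses a different authentication method, and the inner door only
    admits the subject who authenticated at the outer door in this cycle."""

    def __init__(self, outer_check, inner_check):
        self._checks = {Door.OUTER: outer_check, Door.INNER: inner_check}
        self._open = {Door.OUTER: False, Door.INNER: False}
        self._authenticated = {Door.OUTER: None, Door.INNER: None}
        self.log = []  # audit trail of every decision

    def request_open(self, door, cred):
        other = Door.INNER if door is Door.OUTER else Door.OUTER
        subject = cred.get("subject", "?")
        if self._open[other]:
            self.log.append(f"DENY {door.value}: {other.value} door still open")
            return False
        if not self._checks[door](cred):
            self.log.append(f"DENY {door.value}: authentication failed")
            return False
        if door is Door.INNER and self._authenticated[Door.OUTER] != subject:
            self.log.append("DENY inner: subject did not authenticate at outer door")
            return False
        self._open[door] = True
        self._authenticated[door] = subject
        self.log.append(f"OPEN {door.value} for {subject}")
        return True

    def close(self, door):
        self._open[door] = False
        if door is Door.INNER:
            # Cycle complete: the next person must start again at the outer door.
            self._authenticated = {Door.OUTER: None, Door.INNER: None}


if __name__ == "__main__":
    m = Mantrap(badge_check, pin_check)
    alice = {"subject": "alice", "badge": "B-1001", "pin": "4821"}
    m.request_open(Door.OUTER, alice)
    m.request_open(Door.INNER, alice)   # denied: outer door still open
    m.close(Door.OUTER)
    m.request_open(Door.INNER, alice)   # admitted
    m.close(Door.INNER)
    print("\n".join(m.log))
```

The audit log is part of the point: a mantrap is a preventive control, but the denied attempts it records are what a detective control (the guard watching the console) acts on.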
  • Turnstiles
    • Prevents tailgating, allowing only 1 person to enter per Authentication
  • Contraband Checks
    • Checking what you are bringing into or out of the building, to ensure nothing dangerous gets in and nothing confidential gets out
  • Motion Detectors
    • Used to alert staff by triggering an alarm
    • Can be light-based, ultrasound, microwave, infrared or laser
  • Perimeter Alarms
    • Door/window sensors - if opened or broken, an alarm sounds
    • Walls, windows, doors, and any other openings should be equally strong; a hardened door in a weak wall protects nothing
  • Walls, Floors, and Ceilings
    • Should be "slab to slab" and made of secure materials with appropriate fire rating
  • Types of Guards
    • Professional Guards
    • Amateur Guards
    • Pseudo Guard
  • Guards
    • Can check credentials/ID Cards, monitor CCTV cameras, monitor environmental controls, react to incidents, act as a deterrent
    • Should have a clear set of rules and regulations
    • Social engineering attacks should be prevented with training
  • Dogs
    • Most often used in controlled, enclosed areas
    • Trained to corner suspects and to attack someone who's fleeing; people often panic when they encounter a dog and run
    • Liability can be an issue: even if the intruder was inside a secure area, the organization may still be liable for injuries
  • Restricted Work Areas and Escorts
    1. Track and funnel authorized visitors using visitor badges, visitor logs, and escorts
    2. Non-electronic visitor badges are easy to copy and easy to fake
    3. An electronic badge can be just a cheap re-programmable magnetic stripe (like a hotel room key, easy to copy). Give badges a short window of use, or issue individually printed badges for each visit that are only used once
    4. Enforce the return of all badges and a physical sign-out when the visitor leaves
    5. When a vendor comes to repair, install or remove something in your facility, they must be checked in and escorted by an employee from the entry point to where they will work, and the employee should stay with the vendor until the work is completed
    6. The vendor's employees should already have passed a security check when they were hired; the vendor is liable for them
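Points 3 and 4 above (short window of use, single use, enforced sign-out) are properties an electronic visitor-badge system has to enforce on the server side; a badge that merely looks valid proves nothing. This is an added example, not code from the original deck: a Python registry that issues HMAC-signed badges, rejects tampered, expired, reused or signed-out badges at the reader, and lists badges that were never returned. The signing key and validity period are constructed values; in practice the key would live in an HSM or secrets manager (assumption).

```python
import hashlib
import hmac
import secrets

# Constructed signing key for the example; not something to hard-code in production.
BADGE_KEY = b"example-visitor-badge-signing-key"


class VisitorBadgeRegistry:
    """Issues short-lived, single-use visitor badges and validates them at a reader."""

    def __init__(self, key: bytes, validity_seconds: int = 8 * 3600):
        self._key = key
        self._validity = validity_seconds
        self._issued = {}       # badge_id -> (visitor, issued_at, expires_at)
        self._used = set()      # badge_ids already presented at a reader
        self._returned = set()  # badge_ids signed out at the front desk

    def _mac(self, badge_id: str, visitor: str, expires_at) -> str:
        # The MAC binds the badge identity to the visitor and the expiry, so none
        # of the three can be edited on a copied badge without detection.
        msg = f"{badge_id}|{visitor}|{expires_at}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue(self, visitor: str, now: int) -> dict:
        badge_id = secrets.token_hex(8)
        expires_at = now + self._validity
        self._issued[badge_id] = (visitor, now, expires_at)
        return {"badge_id": badge_id, "visitor": visitor,
                "expires_at": expires_at,
                "mac": self._mac(badge_id, visitor, expires_at)}

    def present(self, badge: dict, now: int):
        """Reader-side check. Returns (admitted, reason)."""
        badge_id = badge.get("badge_id", "")
        expected = self._mac(badge_id, badge.get("visitor", ""),
                             badge.get("expires_at", 0))
        if not hmac.compare_digest(expected, badge.get("mac", "")):
            return False, "forged or tampered badge"
        if badge_id not in self._issued:
            return False, "unknown badge"
        if now > badge.get("expires_at", 0):
            return False, "expired"
        if badge_id in self._returned:
            return False, "badge already signed out"
        if badge_id in self._used:
            return False, "badge already used once"
        self._used.add(badge_id)
        return True, "admitted"

    def sign_out(self, badge_id: str) -> bool:
        if badge_id not in self._issued:
            return False
        self._returned.add(badge_id)
        return True

    def outstanding(self) -> list:
        """Badges issued but never returned: the list the front desk chases at end of day."""
        return sorted(b for b in self._issued if b not in self._returned)


if __name__ == "__main__":
    reg = VisitorBadgeRegistry(BADGE_KEY, validity_seconds=3600)
    badge = reg.issue("Alice", now=1000)
    print(reg.present(badge, now=1500))   # admitted
    print(reg.present(badge, now=1600))   # second use is refused
    print(reg.outstanding())              # Alice's badge until she signs out
```

Two design choices worth noting: the reader compares the MAC with `hmac.compare_digest` so a forged badge cannot be tuned byte by byte against timing, and the single-use and sign-out state is kept server-side, so copying the stripe of a hotel-style badge gains nothing once the original has been presented.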
  • Identity and Access Provisioning
    We can have multiple identities per entity, and each identity can have multiple attributes