Principles of Computer Security: CompTIA Security+ and Beyond, Fifth Edition
Chapter 08
Physical Security
Multiple Choice Questions
1. (p. 192) In terms of physical security, ___________ refers to protecting important assets by using several perimeters.
A. layered access
B. multifactor access control
C. dual authentication
D. Intrusion detection system
Difficulty: Easy
2. (p. 189) A newer portable medium that provides new obstacles is a(n)
A. Access token
B. USB drive
C. CD-ROM
D. CCTV
Difficulty: Easy
3. (p. 203) Multifactor authentication is all of these, EXCEPT:
A. What you are
B. What you have
C. What you know
D. What you calculate
Difficulty: Easy
4. (p. 190-194) Which of these, according to this chapter, is not a step that can be taken to help mitigate physical security risk?
A. All users need security training.
B. Electronic physical security systems need to be protected from network-based attacks.
C. Authentication systems should use multiple factors when feasible.
D. Constant monitoring of all employees by camera.
Difficulty: Easy
5. (p. 203) Using a token and a password to authenticate is an example of
A. Single sign-on
B. Multifactor authentication
C. Tokenizing
D. Dual access control
Difficulty: Easy
6. (p. 201-203) When a biometric is scanned and allows access to someone who is not authorized, that is called a
A. False negative
B. False positive
C. True negative
D. True positive
Difficulty: Easy
7. (p. 201-202) When the system denies access to someone who is authorized, it is called a
A. False negative
B. False positive
C. True negative
D. True positive
Difficulty: Easy
8. (p. 197) The best fire extinguisher for petroleum products is a
A. Class A
B. Class B
C. Class C
D. Class D
Difficulty: Easy
9. (p. 197) The best fire extinguisher for an electrical fire is a
A. Class A
B. Class B
C. Class C
D. Class D
Difficulty: Easy
10. (p. 197) The best fire extinguisher for wood, paper, and cloth fires is a
A. Class A
B. Class B
C. Class C
D. Class D
Difficulty: Easy
11. (p. 192) Which of the following are examples of the concept of layered access in physical security?
A. Firewall, IDS, CCTV
B. Fences, gates, mantrap, doors
C. CCTV, walls, antivirus
D. RFID, biometrics, personal firewalls
Difficulty: Easy
12. (p. 196-197) The following are examples of clean-agent fire suppression systems EXCEPT:
A. Carbon dioxide
B. Argon
C. Halon
D. Inergen
Difficulty: Easy
13. (p. 195-196) One drawback to water-based fire suppression systems is that they
A. Can be toxic to humans
B. Can cause more damage to equipment
C. Are the most expensive type of suppression system
D. Are not useful against type A fires
Difficulty: Easy
14. (p. 193) Mantraps are a good countermeasure against
A. Dumpster diving
B. Shoulder surfing
C. Tailgating
D. Phishing
Difficulty: Easy
15. (p. 185-187) Physical security policies and procedures relate to which two distinct areas?
A. Internal and external
B. Equipment and data
C. Computers and users
D. Countermeasures and response
Difficulty: Easy
16. (p. 181) The “security problem” can be summarized in the following statement:
A. Physical access negates all other security measures.
B. A stitch in time saves nine.
C. The more secure it is, the less functional it is.
D. No good deed goes unpunished.
Difficulty: Easy
17. (p. 183) An operating system designed to run the entire machine from an optical disc is referred to as a
A. Boot floppy
B. Live CD
C. Installation CD
D. Bootable thumbdrive
Difficulty: Easy
18. (p. 184) What kind of copy is a drive image?
A. Bit-by-bit copy
B. File-by-file copy
C. Partition copy
D. A copy of all images on the drive
Difficulty: Easy
19. (p. 188) All of the following are ways to prevent a computer from booting up from a bootable floppy EXCEPT:
A. Taking out the floppy drive.
B. Removing the A drive from the boot sequence.
C. Setting a BIOS password.
D. Making sure the floppy is not the first drive in the boot sequence.
Difficulty: Easy
20. (p. 198) An ionization fire detection device
A. Provides advanced warning for smoldering fires
B. Detects fast burning fires
C. Detects heat
D. Detects smoke
Difficulty: Easy
True / False Questions
21. (p. 201) A false positive is when a biometric is scanned and allows access when it was not the person who has authorization.
TRUE
Difficulty: Easy
22. (p. 201) Your weight is a biometric.
FALSE
Difficulty: Easy
23. (p. 184) Drive imaging is the term used for copying all the image files from one drive to another.
FALSE
Difficulty: Easy
24. (p. 184) Besides physically securing your computers, there is little you can do to prevent drive imaging.
TRUE
Difficulty: Easy
25. (p. 185-187) The primary defenses against a majority of physical attacks are doors, walls, gates, and fences.
TRUE
Difficulty: Easy
26. (p. 201) A false negative is when an unauthorized person is denied access.
FALSE
Difficulty: Easy
27. (p. 200) An access token is an example of “something you know,” in relation to authentication.
FALSE
Difficulty: Easy
28. (p. 198) Photoelectric detectors are good at detecting heat from a fire.
FALSE
Difficulty: Easy
29. (p. 197) The best type of fire extinguisher for putting out common, combustible fires is a class C.
FALSE
Difficulty: Easy
30. (p. 193) A mantrap is used to prevent piggybacking.
TRUE
Difficulty: Easy
Fill in the Blank Questions
31. (p. 203) ________ is the combination of two or more types of authentication.
Multiple-factor authentication
Difficulty: Medium
32. (p. 181) The _______________ is the weakest link in the security chain.
user
Difficulty: Medium
33. (p. 200) A house key is an example of a(n) __________.
access token
Difficulty: Medium
34. (p. 184) _______________ is the process of taking the entire contents of a hard drive and copying them to a single file on a different medium.
Drive imaging
Difficulty: Medium
35. (p. 200) A(n) ___________ is a token that can enable cryptographic types of authentication.
smart card
Difficulty: Medium
36. (p. 188) Setting a password on the ___________ should delay or prevent an attacker from resetting the boot sequence to boot from a device other than the hard drive.
BIOS
Difficulty: Medium
37. (p. 185) Theft of the computer, using a boot disk to simply erase all data on the drives, or simply unplugging computers are all effective for ___________.
denial of service
Difficulty: Medium
38. (p. 193) A(n) _______________ is made up of two doors closely spaced, which require the user to card through one, and then the other, sequentially.
mantrap
Difficulty: Medium
39. (p. 196) _______________ fire suppression systems are dangerous to humans and have been banned from newer systems.
Halon, halon-based
Difficulty: Medium
40. (p. 198) _______________ fire detectors monitor an internal beam of light.
Photoelectric
Difficulty: Medium
Essay Questions
41. (p. 182-183) Explain a simple way to combat boot disks.
Physically remove the floppy and CD-ROM drives, or disable them in the BIOS.
Difficulty: Hard
42. (p. 201-203) Explain very simply how biometrics works.
Biometrics takes an analog item, such as a picture of a retina, and converts it to a number that can then be compared to a previously stored number. If these numbers are the same, then access will be granted.
Difficulty: Hard
43. (p. 203) What is multiple-factor authentication?
Multiple-factor authentication is simply the combination of two or more types of authentication. Three broad categories of authentication can be used: what you are (for example, biometrics), what you have (for instance, tokens), and what you know (passwords and other information). Two-factor authentication combines any two of these before granting access. An example would be a card reader that then turns on a fingerprint scanner—if your fingerprint matches the one on file for the card, you are granted access. Three-factor authentication would combine all three types, such as a smart card reader that asks for a PIN before enabling a retina scanner. If all three correspond to a valid user in the computer database, access is granted.
Difficulty: Hard
44. (p. 197) What are the types of fire, and their suppression methods?
Class A: common combustibles, wood, paper, cloth, plastics; water or dry chemical. Class B: combustible liquids, petroleum products, organic solvents; CO2 or dry chemical. Class C: electrical wiring and equipment, power tools; CO2 or dry chemical. Class D: flammable metals, magnesium, titanium; copper metal or sodium chloride.
Difficulty: Hard
45. (p. 181-182) Why is the statement “Physical access negates all other security measures” true?
No matter how impenetrable the firewall and intrusion detection system (IDS), if an attacker can find a way to walk up to and touch a server, he can break into it. Physical access to a corporation’s systems can allow an attacker to perform a number of interesting activities, starting with simply plugging into an open Ethernet jack. The advent of handheld devices with the ability to run operating systems with full networking support has made this attack scenario even more feasible.
Difficulty: Hard