CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [142]
17. A. Lightweight Directory Access Protocol (LDAP) is a directory access protocol used to publish information about users. This is the computer equivalent of a phone book.
18. B. Relational database systems are the most frequently installed database environments in use today.
19. A. SQL is a powerful database access language used by most relational database systems.
20. C. A three-tiered model puts a server between the client and the database.
Chapter 6
Securing the Network and Environment
THE FOLLOWING COMPTIA SECURITY+ EXAM OBJECTIVES ARE COVERED IN THIS CHAPTER:
✓ 3.1 Identify and apply industry best practices for access control methods.
■ Implicit deny
■ Least privilege
■ Separation of duties
■ Job rotation
✓ 3.9 Explain and apply physical access security methods.
■ Physical access logs/lists
■ Hardware locks
■ Physical access control—ID badges
■ Door access systems
■ Man-trap
■ Physical tokens
■ Video surveillance—camera types and positioning
✓ 4.1 Conduct risk assessments and implement risk mitigation.
✓ 6.4 Identify and explain applicable legislation and organizational policies.
■ User education and awareness training
✓ 6.5 Explain the importance of environmental controls.
■ Fire suppression
■ HVAC
■ Shielding
✓ 6.6 Explain the concept of and how to reduce the risks of social engineering.
■ Shoulder surfing
■ User education and awareness training
Several years back, InformationWeek conducted a survey in partnership with Accenture. As part of the survey, the question, “What are the biggest security challenges facing your company?” was asked. Multiple responses were allowed, and 58 percent of the respondents stated that managing the complexity of security was one of their biggest challenges. As evident by this survey, security is a major concern for many organizations. Keeping computers and networks secure involves more than just the technical aspects of the systems and networks. You must address the physical environment and the business as it exists. Doing so involves evaluating physical security, social engineering issues, and environmental issues; some of these topics were introduced in earlier chapters, but they’re tied together cohesively here. All of these issues require a balanced response from both a technical perspective and a business perspective.
This chapter will help you understand the importance of physical security measures such as access controls, physical barriers, and biometric systems. It also covers social engineering and the environment your systems need in order to be safe and operational. This chapter also discusses securing the network and looks at security zones and partitioning. Finally, this chapter addresses business issues, including planning, policies, standards, guidelines, security standards, and information classification.
Understanding Physical and Network Security
Physical security measures prevent your systems from being accessed in unauthorized ways, primarily by preventing an unauthorized user from physically touching a system or device. Most networked systems have developed high levels of sophistication and security from outside intruders. However, these systems are generally vulnerable to internal attacks, sabotage, and misuse. If an intruder has physical access to your systems, you should never consider them to be secure.
The following sections discuss the aspects of physical security that affect your environment, including access controls, social engineering, and the environment.
Implementing Access Control
Access control is a critical part of physical security. Systems must operate in controlled environments in order to be secure. These environments must be, as much as possible, safe from intrusion. Computer system consoles can be a vital point of vulnerability because many administrative functions can be accomplished