Social Engineering and Physical Security Controls

 
CompTIA Security+ Study Guide (SY0-501)
Chapter 10: Social Engineering and Other Foes

Compare and contrast types of attacks
Explain the importance of physical security controls
Compare and contrast various types of controls
Given a scenario, carry out data security and privacy practices

Social Engineering

Social engineering
  The process by which intruders gain access to your facilities, your network, and even to your employees by exploiting the generally trusting nature of people.
Social engineering attacks (types of)
  Shoulder surfing
  Dumpster diving
  Tailgating
  Impersonation
  Hoaxes
  Whaling
  Vishing

Principles Behind Social Engineering

Authority
Intimidation
Consensus/social proof
Scarcity
Urgency
Familiarity/liking
Trust

Physical Security

Access controls
  A critical part of physical security
Physical barriers
  Objective: to prevent access to computers and network systems
Multiple barrier system
  Having more than one physical barrier to cross
  Systems should have a minimum of three physical barriers

Hardware locks and security
  Involves applying physical security modifications to secure the system(s) and prevent them from leaving the facility
Mantraps
  Require visual identification, as well as authentication, to gain access

Hardware Locks
 
Video surveillance
Camera vs. guard
Fencing/perimeter security
Access list
Proper lighting
Signs
Guards
Barricades
 
Biometrics
  Use some kind of unique biological trait to identify a person, such as fingerprints, patterns on the retina, and handprints
Protected distribution
Alarms
Motion detection

Environmental controls
HVAC
Fire suppression
EMI shielding
 
EMI Interference
 
Products that Solve Most Electrical Line Problems:

Surge protectors
  Protect electrical components from momentary or instantaneous increases (called spikes) in a power line
Power conditioners
  Active devices that effectively isolate and regulate voltage in a building
Backup power
  Generally used in situations where continuous power is needed in the event of a power loss

Chapter 10: Physical and Hardware-Based Security

EMI shielding
  Electromagnetic interference (EMI)
  Radio frequency interference (RFI)
  The process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities
Hot and cold aisles

Hot and Cold Aisles

This chapter delves into the insidious world of social engineering attacks, including shoulder surfing, dumpster diving, and impersonation, and explores the principles behind social engineering such as authority, scarcity, and trust. It also emphasizes the importance of physical security controls like access barriers, hardware locks, and video surveillance in safeguarding against unauthorized access to systems and facilities.


Uploaded on Aug 03, 2024 | 4 Views


