Page 622 - StudyBook.pdf

606    Chapter 11 • Operational and Organizational Security: Incident Response

             Introduction


             This chapter covers the concepts of applying physical security such as barriers, locked
             doors, biometrics, and other applications to secure an area against penetration.
                 What do you do after a system has been penetrated? As a Security+ technician,
             it is important to understand the different types of incidents and how to respond to
             them. Incident response and forensics are covered in detail later in this chapter.
                 Security+ technicians must also understand risk assessment and how to rate the
             risk levels of various vulnerabilities. Risk assessment involves identifying areas of a
             business that are threatened by a potential loss, and the threats facing them. Once
             the risks are identified, countermeasures can be created to reduce the likelihood
             that they will become reality.

             Physical Security


             When people consider computer and network security, the focus revolves around
             accounts, passwords, file permissions, and software that limits and monitors access.
             However, even though a user’s account has been denied access to files on a server,
             what is to stop that user from opening files directly at the server instead? Worse yet,
             what is to prevent them from stealing the server’s hard disk? Issues like these are
             why physical security is so important to the protection of data and equipment.
                 Physical security involves protecting systems from bodily contact. It requires
             controlling access to hardware and software, so that people are unable to damage
             devices and the data they contain. If people are unable to have physical access to
             systems, they will not be able to steal or damage equipment. Physical security also
             limits or prevents their ability to access data directly from a machine, or create
             additional security threats by changing account or configuration settings.
                 Physical security also requires protecting systems from the environmental
             conditions within a business. Environmental conditions such as floods, fires, electrical
             storms, and other natural disasters can result in serious losses to a business. These
             conditions can also leave a business exposed to situations such as power outages,
             leakage of data due to poor shielding, and other potential threats. Without strong
             physical security in place, unauthorized persons can access information in a variety
             of ways. When designing physical security, the first step is to identify what needs to
             be protected and what it needs to be protected from. Inventories should be made
             of servers, workstations, network connectivity devices, and other equipment within
             an organization.





          www.syngress.com