Create New Article

Wiki Search

 
 
Google
Personal tools

Organizational Security

From Proprofs

Organizational Security

You are here: Home > Schools > Comptia > Security+ Certification > Wiki Home > Study Guide


Security+ Study Guide

Image:logoSmall.jpg

Table Of Contents

Contents

[edit section] Organizational Security

Thus far, we have learned the tough stuff – the technically-oriented portions of the exam. We haven’t finished learning all of the technical items yet, either! However, we will take a short break from the technical aspects of the exam to take a look at organizational security, a relatively simple and common-sense portion of the exam you should do quite well on.

[edit section] Physical Security

Physical security refers to the aspects of information security that are related to physical threats, such as fire or natural disasters. We will cover some basic physical security threats below:


[edit section] Fire

Remember that fire needs heat, oxygen, and fuel to burn. Also remember that there are four classes of fires:

  • A, which includes common combustibles
  • B, which includes burnable fuels
  • C, which includes electronics
  • D, which includes chemical and other fires


There are also three common methods of fire detection:

  • Heat-sensing, which detects fires by temperature
  • Flame-sensing, which detects fires by the flicker of a flame or infrared detection
  • Smoke-sensing, which detects fires by variations in light intensity or presence of CO2


There are also a number of different systems to suppress fire:

  • Water: Traditional method and effective against Class A fires
  • CO2: Suppresses by removing O2 element. Useful against Class B and C fires
  • Soda acid: Combination of chemicals used to eliminate Class A, B fires
  • Halon: Useful against A,B, and C fires but illegal by Montreal Protocol (ozone depleting)

[edit section] HVAC

You should note that HVAC (heating, ventilation, and air conditioning) simply refers to the typical environmental controls that we would call “air conditioning.” For the purposes of the exam, you should use common sense and note that:

  • High temperatures can cause computer equipment, especially processors, to over-heat and perform poorly
  • High humidity can cause corrosion in equipment due to water damage
  • Low humidity creates an environment suited for too much static electricity (ESD)


[edit section] Electricity and Power

Remember that electrical power originates from a utility substation or a power grid and that it would be to your best interest to have access to electric distribution panels (circuit breakers and so forth). Also note some of the following information on electric power:

  • EPO (Emergency power-off) switches are used to shut down power immediately
  • Backup power sources can be used to ensure continuity in the case of a disaster
  • Backup sources should be used in critical applications, such as servers and physical access equipment

ESD is also covered on the exam, so you should know that:

  • ESD is electrostatic discharge, a convoluted term for static electricity build-up and release
  • ESD can be prevented by 40 to 60 percent humidity levels, grounding, and antistatic floor mats (and other antistatic material)

Electric noise is the crossover or interference that occurs in electrical wires due to high-energy electrons “crossing over” into another wire or signal. To avoid this, you should:

  • Use power line conditioners and surge protectors
  • Grounding and shielded cabling


[edit section] Business Continuity and Disaster Recovery Planning

The idea of business continuity revolves around the premise that your business should continue to operate in the face of a disaster. Disaster recovery planning, in contrast, is related to the effort to recover infrastructure that fails as the result of a disaster.


[edit section] Quick Review

1. Which of the following fires can be put out easily with water?

a. Class A

b. Class B

c. Class C

d. Class D


2. Which of the following conditions would have little effect on the ability for systems to continue functioning?

a. 80% humidity

b. 15% humidity

c. -10 degrees Celsius temperature

d. 100 degrees Celsius temperature

e. 0% humidity


3. Which of the following should be included in a BCP (business continuity plan)?

a. How information on servers that come down will later be retrieved

b. How to salvage existing equipment

c. How to shift the load of processing to backup emergency servers

d. How to mitigate the risk of a network attack

[edit section] Answers

1. Only Class A fires can be effectively extinguished with water. The answer is A.


2. While mild humidity, dryness, or high temperatures can result in equipment failure, slightly uncomfortable low temperatures will rarely result in equipment failure. The answer is C.


3. Answers A and B are concerned with how to recover assets that had been lost after the disaster. Answer D is not concerned with continuity planning, but rather, risk mitigation. The answer is C.

<<                              Table Of Contents                               Next Page>>>

Top 5 Contributors to this article

UsersArticle Contributions
Proprofs 7 contribs
james 3 contribs

 
   
Home  |  Site Map  |  Contact
Copyright © 2005-2014 ProProfs.com - Privacy & Terms