September 2009
Intermediate to advanced
307 pages
7h 46m
English
Content preview from Unauthorised Access: Physical Penetration Testing For IT Security Teams
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
10.1. Physical Security
This part of the security policy describes the physical threats that an organization faces, the measures in place to protect it, and specific guidance on implementation. In the context of information security, the goal is to protect the information systems from attack and compromise. This can be achieved in a number of ways and simple examples include requiring doors to be locked or specifying a particular brand of high-security lock to be used. Physical security can be described in as detailed a manner as you wish but usually covers the following areas:
Perimeter security;
Cameras and closed-circuit TV;
Access control;
Human security;
Physical mail security;
Again, this list is not set in stone and contains overlapping subject matter.
10.1.1. Perimeter Security
Perimeter security ensures that the physical borders of the site are secure. The way this is implemented in practice is dependent on the nature of the site, the assets needing protection and the perceived level of threat. For example, a paper factory probably doesn't need 3-meter walls capped with razor wire and motion sensors but for a prison this would be the bare minimum. The security function of a perimeter is to provide a physical and legal deterrent to intrusion and a clear, legally enforceable perimeter.
Examples of policy statements that address perimeter security include the following:
Perimeter fencing should be no less than [3] meters tall and by its nature should indicate the boundary of ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.