Review Questions
1. Who is responsible for implementing physical security? (Choose all that apply.)
A. The owner of the building
B. Chief information officer
C. IT managers
D. Employees
2. Which of these factors impacts physical security?
A. Encryption in use on the network
B. Flood or fire
C. IDS implementation
D. Configuration of firewall
3. Which of the following is physical security designed to prevent? (Choose all that apply.)
A. Stealing confidential data
B. Hacking systems from the inside
C. Hacking systems from the Internet
D. Gaining physical access to unauthorized areas
4. Which of the following is often one of the most overlooked areas of security?
A. Operational
B. Technical
C. Internet
D. Physical
5. A hacker who plants a rogue wireless access point on a network in order to sniff the traffic
on the wired network from outside the building is causing what type of security breach?
A. Physical
B. Technical
C. Operational
D. Remote access
6. Which area of security usually receives the least amount of attention during a penetration test?
A. Technical
B. Physical
C. Operational
D. Wireless
7. Which of the following attacks can be perpetrated by a hacker against an organization with
weak physical security controls?
A. Denial of service
B. Radio frequency jamming
C. Hardware keylogger
D. Banner grabbing
8. Which type of access allows passwords stored on a local system to be cracked?
A. Physical
B. Technical
C. Remote
D. Dial-in
9. Which of the following is an example of a physical security breach?
A. Capturing a credit card number from a web server application
B. Hacking a SQL Server in order to locate a credit card number
C. Stealing a laptop to acquire credit card numbers
D. Sniffing a credit card number from packets sent on a wireless hotspot
10. What type of attack can be performed once a hacker has physical access?
A. Finding passwords by dumpster diving
B. Stealing equipment
C. Performing a DoS attack
D. Performing session hijacking
11. What is the most important task after a physical security breach has been detected?
A. Lock down all the doors out of the building.
B. Shut down the servers to prevent further hacking attempts.
C. Call the police to begin an investigation.
D. Gather information for analysis to prevent future breaches.
12. Which of the following is a recommended countermeasure to prevent an attack against
physical security?
A. Lock the server room.
B. Disconnect the servers from the network at night.
C. Do not allow anyone in the server room.
D. Implement multiple ID checks to gain access to the server room.
13. What are some physical measures to prevent a server hard drive from being stolen? (Choose
all that apply.)
A. Lock the server room door.
B. Lock the server case.
C. Add a software firewall to the server.
D. Enforce badges for all visitors.
14. What is the name for a person who follows an employee through a locked door without
their own badge or key?
A. Tailgater
B. Follower
C. Visitor
D. Guest
15. Which of the following should be done after a physical site security breach is detected?
A. Implement security awareness training.
B. Establish a security response team.
C. Identify the stakeholders.
D. Perform penetration testing.
16. Which of the following should be physically secured? (Choose all that apply.)
A. Network hubs/switches
B. Removable media
C. Confidential documents
D. Backup tapes
E. All of the above
17. Which of the following are physical ways to protect portable devices? (Choose all that
apply.)
A. Strong user passwords
B. Cable locks to prevent theft
C. Motion-sensing alarms
D. Personal firewall software
18. Which of the following are physical security measures designed to prevent?
A. Loss of data or damage to systems caused by natural causes
B. Access to data by employees and contractors
C. Physical access to a customer database
D. Access to an employee database via the Internet
19. Which of the following could be caused by a lack of physical security?
A. Web server attack
B. SQL injection
C. Attack on a firewall
D. Implementation of a rogue wireless access point
20. Which of the following are indications of a physical site breach?
A. Unauthorized personnel recorded on a security camera
B. IDS log event recording an intruder accessing a secure database
C. An antivirus scanning program indicating a Trojan on a computer
D. An employee inappropriately accessing the payroll database
Answers to Review Questions
1. B, C, D. The chief information officer, along with all the employees, including IT managers,
is responsible for implementing physical security.
2. B. A fire or flood can affect physical security; all the other options are technical security
issues.
3. A, B, D. Physical security is designed to prevent someone from stealing confidential data,
hacking systems from the inside, and gaining physical access to unauthorized areas. Technical
security defends against hacking systems from the Internet.
4. D. Physical security is one of the most overlooked areas of security.
5. A. In order to place a wireless access point, a hacker needs to have physical access.
6. B. Physical security usually receives the least amount of testing during a penetration test.
7. C. A hardware keylogger can be installed to capture passwords or other confidential data
once a hacker gains physical access to a client system.
8. A. Physical access allows a hacker to crack passwords on a local system.
9. C. Theft of equipment is an example of a physical security breach.
10. B. Stealing equipment requires physical access.
11. D. The most important task after a physical security breach has been detected is to gather
information and analyze it to prevent a future attack.
12. A. Locking the server room is a simple countermeasure to prevent a physical security
breach.
13. A, B, D. Locking the server room and server cases and enforcing badges for all visitors are
physical controls. A software firewall is a technical control.
14. A. A tailgater is the name for an intruder who follows an employee with legitimate access
through a door.
15. C. After a physical site security breach, the stakeholders in the incident response process
need to be identified. Implement security awareness training, establish a security response
team, and perform penetration testing before another physical site security breach is
detected.
16. E. Network hubs and switches, removable media, confidential documents, and all backup
media tapes should be physically secured and then destroyed when they are no longer
needed.
17. B, C. Cable locks and motion-sensing alarms are physical countermeasures to prevent theft
of portable devices.
18. A. Physical security measures are designed to prevent loss of data or damage to systems
caused by natural causes.
19. D. A lack of physical security could allow a hacker to plant a rogue wireless access point
on the network.
20. A. Unauthorized personnel recorded on a security camera is an indication of a physical site
security breach.