Scribd
Upload
47 views

CH 10

This chapter discusses social engineering, physical security controls, and other threats. It compares different types of social engineering attacks that exploit human trust as well as physical security controls like access controls, barriers, locks, surveillance and biometrics. The chapter also covers environmental controls, power protection, and electromagnetic interference shielding to protect hardware from disruptions.

Uploaded by

oleg
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
47 views

CH 10

This chapter discusses social engineering, physical security controls, and other threats. It compares different types of social engineering attacks that exploit human trust as well as physical security controls like access controls, barriers, locks, surveillance and biometrics. The chapter also covers environmental controls, power protection, and electromagnetic interference shielding to protect hardware from disruptions.

Uploaded by

oleg
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 15

CompTIA Security+ Study Guide

(SY0-501)
Chapter 10: Social Engineering and
Other Foes
Chapter 10: Social Engineering and
Other Foes

• Compare and contrast types of attacks


• Explain the importance of physical security
controls
• Compare and contrast various types of controls
• Given a scenario, carry out data security and
privacy practices
Social Engineering
• Social engineering
– The process by which intruders gain access to your
facilities, your network, and even to your employees by
exploiting the generally trusting nature of people.
• Social engineering attacks (types of)
– Shoulder surfing
– Dumpster diving
– Tailgating
– Impersonation
– Hoaxes
– Whaling
– Vishing
Principles Behind Social
Engineering
• Authority
• Intimidation
• Consensus/social proof
• Scarcity
• Urgency
• Familiarity/liking
• Trust
Physical Security
• Access controls
– A critical part of physical security
• Physical barriers
– Objective: to prevent access to computers
and network systems
• Multiple barrier system
– Having more than one physical barrier to
cross
– Systems should have a minimum of three
physical barriers
Chapter 10: Social Engineering and
Other Foes
• Hardware locks and security
– Involves applying physical security
modifications to secure the system(s)and
prevent them from leaving the facility
• Mantraps
– Require visual identification, as well as
authentication, to gain access
Hardware Locks
Chapter 10: Social Engineering and
Other Foes
• Video surveillance
• Camera vs. guard
• Fencing/perimeter security
• Access list
• Proper lighting
• Signs
• Guards
• Barricades
Chapter 10: Social Engineering and
Other Foes

• Biometrics
– Use some kind of unique biological trait to
identify a person, such as fingerprints,
patterns on the retina, and handprints
• Protected distribution
• Alarms
• Motion detection
Chapter 10: Social Engineering and
Other Foes

• Environmental controls
– HVAC
– Fire suppression
– EMI shielding
EMI Interference
Products that Solve Most Electrical
Line Problems:
• Surge protectors
– Protect electrical components from
momentary or instantaneous increases
(called spikes) in a power line
• Power conditioners
– Active devices that effectively isolate and
regulate voltage in a building
• Backup power
– Generally used in situations where
continuous power is needed in the event of
a power loss
Chapter 10: Physical and
Hardware-Based Security
• EMI shielding
– Electromagnetic interference (EMI)
– frequency interference (RFI)
• The process of preventing electronic emissions
from your computer systems from being used
to gather intelligence and preventing outside
electronic emissions from disrupting your
information-processing abilities
• Hot and cold aisles
Hot and Cold Aisles

You might also like