Physical and Environmental Security

5 minutes 5 Questions

Physical and environmental security focuses on the protection of an organization's physical assets, such as buildings, data centers, equipment, and personnel, from potential threats and environmental hazards. This domain encompasses various measures, like access controls to secure facilities, close…

Guide to Physical and Environmental Security

What is Physical and Environmental Security?
Physical and Environmental Security is a key aspect of Information Systems Security that involves measures taken to protect systems, buildings, and related supporting infrastructure against threats associated with their physical environment.

Why is it important?
Physical and Environmental Security safeguards an organization's assets, personnel, and operations from physical threats, which may include natural disasters, fire, theft, vandalism, and terrorism. Inadequate protection could lead to business disruption, financial losses, or damage to an organization's reputation.

How does it work?
This security involves the implementation of physical measures (including security personnel, locks, etc.), environmental controls (such as fire suppression systems, flood prevention, etc.), and appropriate policies and procedures. Regular risk assessment and testing of these controls are crucial to ensure their effectiveness.

Exam Tips: Answering Questions on Physical and Environmental Security
Understand the concepts: CISSP exam could ask you to apply your understanding of physical and environmental security to different scenarios. Ensure you understand the core concepts, principles, and measures.
Review commonly used physical security controls: Familiarize yourself with different types of physical security controls, their purpose, and when they might be appropriate to use.
Consider all angles: When answering questions, consider all perspectives – what physical threats could potentially affect the given scenario, and what controls and standards should be in place.
Practice: Utilize practice exams and sample questions that cover physical and environmental security topics to strengthen your understanding and readiness for the exam.

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

A new data center is being built, and the company must ensure that it is resilient to natural disasters. What factors should be evaluated during the site-selection process?

Leased line capacity, distance from critical infrastructure, and transportation options Probability of natural disasters, distance from critical infrastructure, and local climate conditions Local climate, transportation options, and distance from competitors Distance from the corporate headquarters, existing construction infrastructure, and transportation options

Correct Answer: Probability of natural disasters, distance from critical infrastructure, and local climate conditions

The probability of natural disasters, distance from critical infrastructure, and local climate conditions are essential factors in determining the location of a data center to ensure resilience against natural disasters. The other options may be important in other contexts but are not the primary concerns for disaster resilience.

Question 2

A warehouse contains sensitive documents and has multiple points of entry. Given the increased risk of unauthorized access, which physical security control is the most effective to implement?

Discretionary access control Mandatory access control Rule-based access control Role-based access control

Correct Answer: Mandatory access control

Mandatory access control (MAC) is the most effective control in this scenario because it enforces strict access rules based on security labels and user clearances. The other options are less strict and may not effectively protect against unauthorized access in a high-risk environment.

Question 3

A company has a restricted area where only authorized personnel can enter. Which combination of controls will provide the best defense-in-depth for physical access to the area?

Key lock, security guard, and video surveillance Card reader, biometric scanner, and security guard Biometric scanner, video surveillance, and visible badge system Card reader, visible badge system, and password entry

Correct Answer: Card reader, biometric scanner, and security guard

The combination of a card reader, biometric scanner, and security guard offers diverse and layered security controls. This reduces the likelihood of unauthorized access. The other combinations may provide some protection but have weaknesses or points of failure that the correct answer does not have.

🎓 Unlock Premium Access

CISSP + ALL Certifications

More Physical and Environmental Security questions

12 questions (total)