Objective 6.5: Device Security


Objective 6.5: Explain issues that affect device security

Physical securityEdit

Electronic access control

Physical security describes both measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media and guidance on how to design structures to resist various hostile acts. It can be as simple as a locked door or as elaborate as multiple layers of armed security guards and guardhouses.

In a well designed system, these features must complement each other. There are at least four layers of physical security:

  • Environmental design
  • Mechanical and electronic access control
  • Intrusion detection
  • Video monitoring

The goal is to convince potential attackers that the likely costs of attack exceed the value of making the attack.

Restricting local and remote accessEdit

Secure methods vs. unsecure methodsEdit

Secure Method Unsecure Method
SSH (Secure Shell) Telnet and RSH (Remote Shell)
HTTPS (Hypertext Transfer Protocol Secure) HTTP (Hypertext Transfer Protocol)
SFTP (Secure File Transfer Protocol) FTP (File Transfer Protocol)
SNMPv3 (Simple Network Management Protocol version 3) SNMPv1/2 (Simple Network Management Protocol version 1 or 2)
SCP (Secure Copy Protocol) RCP (Remote Copy Protocol)

Objective 1.1 also requires knowledge of some of these protocols.

« Network Security
Objective 6.5: Device Security
»
Objective 6.4: User Authentication Objective 6.6: Threat Mitigation
Last modified on 24 May 2010, at 15:54