Chapter Four
1. Outline and describe the basics of a physical security program. Include outer and inner perimeter controls and the roles of protective lighting and access control devices in the description.
These are the basics required for a physical security program to be effective. The first element is the mechanic in which security hardware are taken care of such as CCTV. Organizational aspect is also required which encompasses the staff and the rules to be followed in the organization. Architectural elements are needed which cover the first security philosophies.
2. Compare and contrast visual assessment, surveillance, and alarm systems. What role does each fulfill?
Visual assessment involves inspecting and analyzing security systems, parameters, and controls.Conversely, surveillance is designed to show footage either as images or videos, and its role is to record what happens either at home or organization. Alarm systems are those systems developed in a unique way to detect any person entering the organization without authority.
3. Physical security and access control systems are not complete without a human resource component. Explain. Are dedicated security personnel necessary in all organizations?
Human resource plays a significant role in physical security programs. The security managers’ plan and take keep a close eye to the security requirements of all the facilities. Security personnel is required to control the access of different individuals who try to enter the organization each day. They use electronic controls that detect authorized members.
4. Explain the concept of defense in depth? Why is this important in a physical protection system?
In physical security, defense of depth involves the use of several security control layers to protect the organization and its information. The primary purpose of this technique is to increase redundancy in case a third part tries to exploit a vulnerability in the system.It has three different types of control which ensure that the whole organization is protected. They include technical, physical and administrative controls.
5. What are the core elements of physical protection systems?
The major components of a physical protection system include a description which identifies how the system will work and technology, whereby the system has to incorporate the latest know-howtoguard against malware. It must also include operational limitations, applications, current deficiencies, costs, development status, and future capabilities.
6. Explain the various types of sensors. What are some key issues or factors to consider when using these multiple sensors in physical security?
Alarm systems use various sensors to detect unauthorized people at home or organization. These sensors include passive infrared motion detectors, ultrasonic detectors, magnetic switches, glass break detectors, and photoelectric beams. These sensors only operate well in Line of Sight (LOS), hence, always fail in non-LOS areas. Any object in motion triggers these sensors resulting in inaccurate results.
7. What are the roles of lighting and fences in physical security? What are some similar roles or function each has? What are some differences?
Lighting in physical security is used to detect an unauthorized intruder. It also recognizes any other form of criminal activity that may be undertaken at a given place. Fences, on the other hand, are the last outer physical security layer. They delay the attackers from gaining entry and also shows where the perimeter of a particular property is. Both fences and lighting increase the feeling of safety.
8. What is access control? Explain access control and its importance by using the concept of “defense in depth.”
In physical control, access controls are used to minimize the access of a particular group of people to a specific place or resource. They make sure only authorized users to have the right to use the resource. They are important as they keep the organization safe by controlling the movements. When several access controls at each security layer used, it is easy to detect who enters and leaves the organization.
9. Explain the role of guard forces in a physical security program.
Security guards have different responsibilities within an organization. To ensure physical security is high, they patrol the property to make sure that there is no intruder. Another role is to monitor the surveillance system to identify any unwanted movements in the premises. They inspect entry points in the compound together with the equipment and the buildings. Finally, they guard the entry points to give permissions to those entering and leaving the organization.
10. Explain the importance of fire prevention, detection, and control as part of an effective physical security program. What are some common fire protection systems?
Fire detection and prevention in organizations is crucial as it helps in reducing the spread of fire when it occurs. It also helps to contain the smoke,thus reducing damages to both people and property. Several different systems are design for fire protection. They include fire doors, dampers, fire floors, mortar coating, flame shields, and emergency exit lights.
Chapter Five
1. Describe the role of personal security in the protective function
The primary purpose of personnel security is the protection of a human asset, and a company against injury harm and accidents that result from both human and non-human failures. In some cases, their responsibilities extend to natural disasters where they help in the response and the mitigation of natural disasters.
2. The process for the selecting and recruitment of personnel
The recruitment process may either be internally or externally. In internally, candidates are looked for from within the company while in externally, may involve advertisements in trade fairs, newspaper and other means of advertising. Pre-employment screening is then done to determine how suitable an applicant is. By using various selection tools such as aptitude tests, checking resume among others, the most suitable applicant is then selected for the position.
3. Key elements of background investigation
Background investigation is the process by which the suitability of a candidate for employment is studied. It involves criminal history checks where the employer looks at whether the applicant has ever been involved in any criminal activity. Another element is the applicant’s credit history. Such investigations can help determine if he or she can be entrusted with the company’s assets.
4. What is continued reliability and how do we ensure continued reliability in the workplace?
Continued reliability is the process of ensuring the employees continue to be suitable for their positions. In order to ensure continued reliability, companies need to conduct continuous screening on their workers during their time in the company.
5. What is occupational safety? What is the role of OSHA and security in occupational safety?
Occupational safety is the process of ensuring the welfare of the employees at the workplace. OSHA is a set of regulations that are put in place to guarantee that employers maintain the best safety standards for their workers. OSHA officers are charged with the task of setting regulations and inspecting workplaces to enforce compliance with safety measures.
6. Explain executive protection. What are some of the major elements of the executive protection program?
Executive protection is the practice of using the services of security personnel in protecting a particular principal or person. The major requirements of an executive protection program are comprehensive threat analysis skills, surveillance and counter surveillance skills, medically trained, and possession of personal defense skills. These are the main skill sets that one requires for this program.
7. What is workplace violence (WPV)? What are some of the causes of WPV?
Workplace violence is ferocious acts made up of both physical assaults and threats that are directed to workers or other people in the workplace. Some of the major causes of the workplace violence is the act of blaming others for a failure, difficulty in controlling emotions, use of drugs, being a loner, fascination with weapons and acting impulsively.
8. What are the four types of workplace violence?
The four types of workplace violence are criminal intent where the perpetrator has no relationship with the victim, customer or client where the perpetrator has a relationship with the victim, worker or workplace where the victim and the perpetrator are colleagues, and personal relationship in which the perpetrator is related to the victim on a personal level.
9. What are some key elements of an effective WPV prevention program?
Some of the critical elements of WPV prevention program include managerial support and commitment, workplace safety analysis, control and prevention, administrative controls, training, response to post- incidences, and safe work practices.
10. What is corporate kidnapping? How can it be mitigated/ prevented?
Corporate kidnapping is the abduction of workers for ransom. It involves the process of holding a company at ransom by abducting the employees and making the firm liable to pay for their release. Corporate kidnappings can be prevented through the enactment of criminal sanctions by the government, education of employees on the dangers of traveling abroad, and provision of safe travel tactic trainings. These trainings involve a variety of topics, which include dressing in a manner that one will blend in with the locals.
Information Security
1. What is INFOSEC and what is the purpose of INFOSEC?
INFOSEC involves techniques that are used by system administrators to protect their vital data from access by unauthorized parties. The main purpose of INFOSEC is to ensure data confidentiality, availability, and integrity. When creating these security policies, these principles must be considered. INFOSEC involves both digital and physical security measures.
2. Explain the elements of the CIA Triad
The features of CIA Triad are the main essential components of security and include confidentiality, integrity, and availability. Confidentiality ensures that private data is not exposed to attackers. Integrity provides that the evidence is consistent, accurate and remain trusted throughout the whole process. Availability makes sure that the system is always updated to make information available and reliable.
3. Identify three threats to critical information and describe strategies to protect the data. What role does risk assessment play in the information protection function?
The most common threats to critical information in organizations include malware, Trojan horse and worms. Several strategies are used to protect the information and the mostly used include data encryption and two-factor authentication. Risk assessment in a system is essential as it identifies a vulnerability in the order and fixes it before hackers exploit it.
4. What is social engineering? How do you protect against social engineering activities?
This is a security threat which is employed by attackers to convince system users to give out their private information such as usernames, date of birth, passwords and bank information. To prevent from social engineering, users should avoid downloading files from unknown sources in their emails, set their spam filter high, and also install the latest antivirus software.
5. What is business continuity? Provide an example of a business continuity plan.
Business continuity is the ability of a business to be able to maintain its operations at the highest point during and even after a disaster has already occurred. They have an excellent plan to deal with immense disasters. Examples include crisis management plan, fire management plan as well as data breach and recovery plan.
6. What are the three types of access control policies used in organizations?
Discretionary access control makes the business owner accountable for allowing individuals to entering the organization. Mandatory access control does not allow the owner to take an active role in enabling people in and out of the organization. Individuals have labels to allow their access. Role-based access control is a technology that permits access in the organization basing on their roles in the company.
7. Outline and describe the strategies for protecting computer systems and databases.
Different people use diverse strategies to protect their computers. They include firewall installation, which blocks unauthorized parties from accessing the network, use of strong passwords that cannot be easily guessed, installing anti-spyware programs and checking the security settings for browsers. Most importantly, passwords that are complex and strong are not easily guessed by attackers.
8. What are trade secrets? How do they differ from other types of information?
Trade secrets include commercial and manufacturing mysteries that give a particular company a competitive advantage in the market. If a person uses such information without the knowledge of the firm in question, they can be sued and face legal actions. It differs from other information as it contains sales methods, advertisement strategies and methods of distribution.
9. Traditional criminal identification and investigation methods are inappropriate for a computer-related crime. Explain.
In order to be able to identify computer relate crimes, the investigator must have full information in forensic identification. Due to technological advancement in this field, it has become difficult to use the traditional criminal identification methods to establish the real criminals. Technologies used here include Phenom Sem, digital surveillance, alternative light photography and facial reconstruction.
10. Reflect on your personal actions and activities that compromise information security. What are some ways to correct these actions?
There are some individual activities that are done every day which may unknowingly result in a breach of information security. Some of the examples include clicking on email links without verifying and using computers without updated anti-virus software. These activities can be corrected by being safety cautious such as ascertaining the sources from which the links in emails are coming from. It is also crucial to keep the security programs on the computer updated.
Do you need high quality Custom Essay Writing Services?