topic Re: Physical security in Tech Talk

Physical security

Chuxing — Tue, 21 May 2019 14:29:15 GMT

Most of us probably paid little attention on physical security during our CISSP prep, at least I did. So here's an example question:

For an office building, the secure entry system should be set at:

a. fail-open

b, fail-close

c. ...

d. ...

It so happened the place I work, a short while ago, the card-reader system failed, and for a short while (thank God) the system was in the state of fail-locked. Guess some smart one figured this suppose to be a secure building.

Cheers,

Re: Physical security

rslade — Tue, 21 May 2019 16:34:26 GMT

> Chuxing (Community Champion) posted a new topic in Tech Talk on 05-21-2019 10:29

> Most of us probably paid little attention on physical security during our CISSP
> prep, at least I did.

Actually, I had rather a lot of phys sec experience by the time I sat the exam ...

> So here's an example question: For an office building,
> the secure entry system should be set at: a. fail-open b, fail-close c. ... d.
> ... It so happened the place I work, a short while ago, the card-reader system
> failed, and for a short while (thank God) the system was in the state of
> fail-locked. Guess some smart one figured this suppose to be a secure building.

[Fail buzzer sound]

I'm sorry, you have failed to note the primary phys sec concept: life safety. For an office building, absent any statements in the question about special security requirements (like "national security" or above), the default should be "fail open" so that people can, for example, escape a fire ...

Re: Physical security

denbesten — Wed, 22 May 2019 03:29:45 GMT

@rslade wrote:
... the primary phys sec concept: life safety. ... for example, escape a fire ...

Life-safety encompasses more than just fire-safety. I was reminded of this today when I got an alert that my kids's school was on lock-down due to an external threat (subsequently resolved without injury). The best failure state for a (non-public) office door is to prevent ingress while permitting egress (e.g. locked only from the outside).

Since the question refers to "secure entry system", the best answer is (B) fail-closed because it is specifically asking about ingress, which implies that egress occurs through different doors.

Had the question been "For an office building, the doors should be set at:", the best answer would be (A) fail-open because when balancing both the ingress and egress scenarios one must take into account that failures are more likely to occur because of a fire than during an attack.

On the other hand, if this question were to come up on a CISSP exam, I probably would select "A" because the test-taking objective is to select the same answer as the author; not to select the answer you can best (pedantically) defend.

That said, "fail-open", "fail-closed" and "fail-locked" are not the best terms to use when referring to a door because "open" can mean either "ajar" or "unlocked" and because it is possible for a door to be simultaneously locked from the outside yet latched from the inside. Much clearer is to use "locked only from the outside" or "dead-bolted". In more technical settings the words ingress and egress are also useful for absolute clarity.

I presume that @Chuxing's original comment was that his building was preventing egress. If management does not get that corrected, it should be reported to the local fire chief.

Re: Physical security

vt100 — Wed, 29 May 2019 13:03:34 GMT

"Since the question refers to "secure entry system", the best answer is (B) fail-closed because it is specifically asking about ingress, which implies that egress occurs through different doors."

Ah, the beauty of semantics:)

I would've chosen a "B" and would've lived with the nagging suspicion that I should've chosen "A", because of the uncertainty in the writer's intent.

Could those responsible for the CISSP exams share with us exactly how precise are the questions?

Re: Physical security

denbesten — Wed, 29 May 2019 22:05:26 GMT

@vt100 wrote:
Could those responsible for the CISSP exams share with us exactly how precise are the questions?

I suspect not. Everyone involved with the question pool is bound by NDA, which likely has stiff penalties, given that (ISC)² values the question pool at $2,858,595.

Re: Physical security

Chuxing — Thu, 30 May 2019 01:02:59 GMT

Oh come, come, it was just to illustrate a point that, someone who initially configured the system didn’t realize the seriousness of a building with people must always put the occupants’ safety first.

I just made made up the question on the fly, don’t confuse with the actual ISC2 exam questions, which are developed much more rigorously

cheers,

Re: Physical security

Steve-Wilme — Thu, 30 May 2019 09:01:29 GMT

An entry system should fail closed, but there should be a means of overriding it to exit the building; for example in the event of a fire or bomb scare. If you use maglocks on doors internally, you should have installed a 'press to exit' to get from more to less secure areas within your building, so an access card or code isn't required to get to an escape route in an emergency.

Normally there will be doors in fire escapes fitted with crash bar panic devices to allow exit but not entry to the premises.