CompTIA Security+ Study Guide (SY0-401) “Chapter 10: Social Engineering and Other Foes”

Chapter 10: Social Engineering and Other Foes Compare and contrast physical security and environmental controls. Summarize social engineering attacks and the associated effectiveness with each attack. Analyze a scenario and select the appropriate type of mitigation and deterrent techniques. Given a scenario, select the appropriate solution to establish host security. Implement the appropriate controls to ensure data security. Given a scenario, select the appropriate authentication, authorization, or access control.

Social Engineering Social engineering is the process by which intruders gain access to your facilities, your network, and even to your employees by exploiting the generally trusting nature of people. Video 1 – Social Engineer a Business Video 2 - Social Engineer a person

Social Engineering Attacks Shoulder Surfing – watch someone enter their password Dumpster Diving – the importance of shredding BEFORE recycling or throwing away Tailgating (Hold the door)

Social Engineering Attacks Impersonation – pretending to be someone you are not Over the phone In person Example A, Example B

Social Engineering Attacks Hoaxes – e.g. “download this patch to protect you from the bone cancer virus that gives your computer cancer!” Whaling – targeted spear phishing for a “whale” a.k.a. someone with a lot of power Vishing – voice phishing

Principles Behind Social Engineering Authority – they pretend to be your boss Intimidation – threats (if you don’t do this… I need this done now, etc) Consensus/Social Proof – kill them with kindness Scarcity – I can do this now or a month from now Urgency – you’re putting X at risk Familiarity/Liking Trust – they do something for you first

Physical Security Access control is a critical part of physical security

Physical Security Physical barriers the objective of a physical barrier is to prevent access to computers and network systems

Lenel Onguard

Multiple barrier system Having more than one physical barrier to cross Systems should have a minimum of three physical barriers (perimeter, area, room)

Physical Security Hardware Locks and Security involves applying physical security modifications to secure the system(s)and prevent them from leaving the facility Mantraps require visual identification, as well as authentication, to gain access

Desktop Hardware Lock Prevents the case from being opened (HDD being stolen) or the tower from being stolen

Physical Security Video Surveillance – placement (mantraps, entrance/exit, loading dock, etc) Camera vs. Guard – who’s monitoring the camera vs human error Fencing/Perimeter Security – deterrent and your first line of defense Access Control List – e.g. Lenel Onguard badge access Proper Lighting - deterrent Signs – deterrent – authorized personnel only, violators will be pointed at Guards – expensive and prone to social engineering Barricades – think military, prevent someone from ramming through

Physical Security Biometrics Biometric systems use some kind of unique biological trait to identify a person, such as fingerprints, patterns on the retina, and handprints Protected Distribution Systems (PDS) Network is so physically secure (e.g. NSA, no cell phones allowed, no USBs, no unauthorized personnel) that network security is relaxed Alarms – divide buildings into security zones Motion Detection – turn on cameras, lights, sound an alarm, etc

Environmental Controls HVAC (includes humidity monitoring) EMI Shielding Faraday cage – Woven, grounded cable mesh that surrounds a room to “catch” (reduce) EMI

Environmental Controls Fire Suppression Fire Extinguisher Types Wood and Paper (water/chemical) Flammable Liquids (chemicals) Electrical (nonconductive chemicals) Flammable metals (varies) Annual inspections Fixed systems Overhead sprinklers HALON (gas emitting sprinklers, much better for electronic equipment!)

Hot and Cold Aisles

Products that Solve Most Electrical Line Problems: Surge Protectors protect electrical components from momentary or instantaneous increases (called spikes) in a power line Power Conditioners are active devices that effectively isolate and regulate voltage in a building Backup Power is generally used in situations where continuous power is needed in the event of a power loss

Chapter 10: Physical and Hardware-Based Security EMI Shielding Electromagnetic interference (EMI) frequency interference (RFI) Shielding refers to the process of preventing electronic emissions from your computer systems from being used to gather intelligence and preventing outside electronic emissions from disrupting your information-processing abilities

EMI Interference

Control Types Deterrent – signs, lights Preventative – door locks, training Detective – AV, audit logs Compensating – backup generator, physical lock in addition to fingerprint scanner Technical – firewalls, Lenel Onguard, etc Administrative – policies, procedures (e.g. when someone leaves, change all the codes/passwords that they knew)

Chapter Summary Social Engineering concepts Security Awareness training HVAC/environmental controls EMI shielding Fire Extinguisher types Control types