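[Computer Professional Qualifications] CISSP Certification Exam (Physical and Environmental Security) - Paper 1 with Answers and Explanations.doc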


CISSP Certification Exam (Physical and Environmental Security) - Paper 1 with Answers and Explanations (Total score: 64.00; time allowed: 90 minutes)

1. Robert has been given the responsibility of installing doors that provide different types of protection. He has been told to install doors that provide fail-safe, fail-secure, and fail-soft protection. Which of the following statements is true about secure door types? (Score: 2.00)
A. Fail-soft defaults to the sensitivity of the area.
B. Fail-safe defaults to locked.
C. Fail-secure defaults to unlocked.
D. Fail-secure defaults to double locked.

2. Windows can have different glazing materials. What type of window may be prohibited by fire codes because of its combustibility? (Score: 2.00)
A. Tempered
B. Polycarbonate acrylic
C. Glass-clad polycarbonate
D. Laminated

3. As with logical access controls, audit logs should be produced and monitored for physical access controls. Which of the following statements is correct about auditing physical access? (Score: 2.00)
A. Unsuccessful access attempts should be logged but only need to be reviewed by a security guard.
B. Only successful access attempts should be logged and reviewed.
C. Only unsuccessful access attempts during unauthorized hours should be logged and reviewed.
D. All unsuccessful access attempts should be logged and reviewed.

4. Brad is installing windows on the storefront of a bank in an area known to be at risk of fires in the dry season. Which of the following is least likely to be true of the windows he is installing? (Score: 2.00)
A. The glass has embedded wires.
B. They are made of glass-clad polycarbonate.
C. The window material is acrylic glass.
D. A solar window film has been added to them.

5. CCTV can use fixed focal length or varifocal lenses. Which of the following correctly describes the lenses used in CCTV? (Score: 2.00)
A. A fixed focal length lens allows you to move between various fields of view with a single lens.
B. To cover a large area and not focus on specific items, use a large lens opening.
C. An auto-iris lens should be used in an area with fixed lighting.
D. A shallow depth of focus allows you to focus on smaller details.

6. Which of the following describes the type of construction materials most commonly used to build a bank's exterior walls? (Score: 2.00)
A. Dense woods fastened with metal bolts and plates
B. Steel rods encased inside of concrete walls and support beams
C. Untreated lumber
D. Steel

7. Which of the following is a light-sensitive chip used in most of today's CCTV cameras? (Score: 2.00)
A. Digital Light Processing
B. Cathode ray tube
C. Annunciator
D. Charge-coupled devices

8. John is installing a sprinkler system that makes use of a thermal-fusible link for a data center located in Canada. Which of the following statements is true of the system he's installing? (Score: 2.00)
A. The pipes of a dry pipe system are filled with water when pressurized air within the pipes is reduced.
B. The pipes of a preaction system are filled with water when pressurized air within the pipes is reduced.
C. The sprinkler heads of a deluge system are wide open to allow a larger volume of water to be released in a shorter period.
D. The pipes in a wet pipe system always contain water.

9. Which of the following allows security personnel to change the field of view of a CCTV lens to different angles and distances? (Score: 2.00)
A. Depth of field
B. Manual iris
C. Zoom
D. Illumination

10. An outline for a physical security design should include program categories and the necessary countermeasures for each. What category do locks and access controls belong to? (Score: 2.00)
A. Assessment
B. Deterrence
C. Response
D. Delay

11. A number of factors need to be considered when buying and implementing a CCTV system. Which of the following is the primary factor in determining whether a lens should have a manual iris or an auto-iris? (Score: 2.00)
A. If the camera must be able to move in response to commands
B. If the environment has fixed lighting
C. If objects to be viewed are wide angle, such as a parking lot, or narrow, such as a door
D. The amount of light present in the environment

12. IDSs can detect intruders by employing electromechanical systems or volumetric systems. Which of the following correctly describes these systems? (Score: 2.00)
A. Because they detect changes in subtle environmental characteristics, electromechanical systems are more sensitive than volumetric.
B. Electromechanical systems are less sensitive than volumetric systems, which detect subtle changes in environmental characteristics.
C. Electromagnetic systems deal with environmental changes such as ultrasonic frequencies, while volumetric systems can employ pressure mats or metallic foil in windows.
D. Electromagnetic systems are more sensitive because they detect a change or break in a circuit, while volumetric systems detect environmental changes.

13. What discipline combines the physical environment and sociology issues that surround it to reduce crime rates and the fear of crime? (Score: 2.00)
A. Layered defense model
B. Target hardening
C. Crime Prevention Through Environmental Design
D. Natural access control

14. There are several types of volumetric IDSs. What type of IDS emits a measurable magnetic field that it monitors for disruptions? (Score: 2.00)
A. Capacitance detector
B. Passive infrared system
C. Wave-pattern motion detectors
D. Photoelectric system

15. Paisley is helping her company identify potential site locations for a new facility. Which of the following is not an important factor when choosing a location? (Score: 2.00)
A. Distance to police and fire stations
B. Lighting
C. Natural disaster occurrence
D. Crime rate

16. Sarah recently learned that the painting she inherited from a relative and hung in her downtown coffee shop is worth a lot of money. She is worried about its protection and wants to install an IDS. Which of the following intrusion detection systems is the most appropriate for protecting the painting? (Score: 2.00)
A. Acoustical detection system
B. Proximity detector
C. Photoelectric system
D. Vibration sensor

17. David is preparing a server room at a new branch office. What locking mechanisms should he use for the primary and secondary server room entry doors? (Score: 2.00)
A. The primary and secondary entrance doors should have access controlled through a swipe card or cipher lock.
B. The primary entrance door should have no access controlled through a security guard. The secondary doors should be secured from the inside and allow no entry.
C. The primary entrance door should have access controlled through a swipe card or cipher lock. The secondary doors should have a security guard.
D. The primary entrance door should have access controlled through a swipe card or cipher lock. Secondary doors should be secured from the inside and allow no entry.

18. Which of the following is not true of IDSs? (Score: 2.00)
A. They can be hindered by items within the room.
B. They are expensive and require human intervention to respond to the alarms.
C. They usually come with a redundant power supply and emergency backup power.
D. They should detect, and be resistant to, tampering.

19. Before an effective physical security program can be rolled out, a number of steps must be taken. Which of the following steps comes first in the process of rolling out a security program? (Score: 2.00)
A. Create countermeasure performance metrics.
B. Conduct a risk analysis.
C. Design the program.
D. Implement countermeasures.

20. A number of measures should be taken to help protect devices and the environment from electric power issues. Which of the following is best to keep voltage steady and power clean? (Score: 2.00)
A. Power line monitor
B. Surge protector
C. Shielded cabling
D. Regulator

21. What type of fence detects if someone attempts to climb or cut it? (Score: 2.00)
A. Class IV
B. PIDAS
C. CPTED
D. PCCIP

22. Several different types of smoke and fire detectors can be used. What type of detector is shown in the following graphic? (Score: 2.00)
A. Photoelectric
B. Heat-activated
C. Infrared flame
D. Ionization

23. Crime Prevention Through Environmental Design (CPTED) is a discipline that outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior. Of CPTED's three main components, what is illustrated in the following photo? (Score: 2.00)
A. Natural surveillance
B. Target hardening
C. Natural access control
D. Territorial reinforcement

24. Different types of material are built into walls and other constructs of various types of buildings and facilities. What type of material is shown in the following photo? (Score: 2.00)
A. Fire-resistant material
B. Light frame construction material
C. Heavy timber construction material
D. Rebar material

25. There are five different classes of fire. Each depends upon what is on fire. Which of the following is the proper mapping for the items missing in the provided table? (Score: 2.00)
A. Class D - combustible metals
B. Class C - liquid
C. Class B - electrical
D. Class A - electrical

26. Electrical power is being provided more through smart grids, which allow for self-healing, resistance to physical and cyberattacks, increased efficiency, and better integration of renewable energy sources. Countries want their grids to be more reliable, resilient, flexible, and efficient. Why does this type of evolution in power infrastructure concern many security professionals? (Score: 2.00)
A. Allows for direct attacks through Power over Ethernet
B. Increased embedded software and computing capabilities
C. Does not have proper protection against common web-based attacks
D. Power fluctuation and outages directly affect computing systems

The following scenario is to be used for questions 27, 28, and 29.
Mike is the new CSO of a large pharmaceutical company. He has been asked to revamp the company's physical security program and better align it with the company's information security practices. Mike knows that the new physical security program should be made up of controls and processes that support the following categories: deterrent, delaying, detection, assessment, and response. (Score: 6.00)

(1). Mike's team has decided to implement new perimeter fences and warning signs against trespassing around the company's facility. Which of the categories listed in the scenario do these countermeasures map to? (Score: 2.00)
A. Deterrent
B. Delaying
C. Detection
D. Assessment

(2). Mike's team has decided to implement stronger locks on the exterior doors of the new company's facility. Which of the categories listed in the scenario does this countermeasure map to? (Score: 2.00)
A. Deterrent
B. Delaying
C. Detection
D. Assessment

(3). Mike's team has decided to hire and deploy security guards to monitor activities within the company's facility. Which of the categories listed in the scenario does this countermeasure map to? (Score: 2.00)
A. Delaying
B. Detection
C. Assessment
D. Recall

The following scenario is to be used for questions 30, 31, and 32.
Greg is the security facility officer of a financial institution. His boss has told him that visitors need a secondary screening before they are allowed into sensitive areas within the building. Greg has also been told by the network administrators that after the new HVAC system was installed throughout the facility, they have noticed that power voltage to the systems in the data center sags. (Score: 6.00)

(1). Which of the following is the best control that Greg should ensure is implemented to deal with his boss's concern? (Score: 2.00)
A. Access and audit logs
B. Mantrap
C. Proximity readers
D. Smart card readers

(2). Which of the following best describes the situation that the network administrators are experiencing? (Score: 2.00)
A. Brownouts
B. Surges
C. In-rush current
D. Power line interference

(3). Which of the following is a control that Greg's team could implement to address the network administrators' issue? (Score: 2.00)
A. Secondary feeder line
B. Insulated grounded wiring
C. Line conditioner
D. Generator

CISSP Certification Exam (Physical and Environmental Security) - Paper 1: Answers and Explanations (Total score: 64.00; time allowed: 90 minutes)

1. Robert has been given the responsibility of installing doors that provide different types of protection. He has been told to install doors that provide fail-safe, fail-secure, and fail-soft protection. Which of the following statements is true about secure door types? (Score: 2.00)
A. Fail-soft defaults to the sensitivity of the area.
B. Fail-safe defaults to locked.
C. Fail-secure defaults to unlocked.
D. Fail-secure defaults to double locked.

Explanation: A is correct. Doors with automatic locks can be configured as fail-secure, fail-safe, or fail-soft. Fail-soft means the door defaults to locked or unlocked depending on the sensitivity of the data and systems in a given area (for example, whether someone works in that particular part of the building). The goal of a fail-soft system is to fail in a way that preserves as much of the data and functionality as possible.
B is incorrect because fail-safe does not default to locked. A fail-safe setting means that if a power disruption affects the automated locking system, the doors default to unlocked. Fail-safe deals directly with protecting people. If people work in an area and there is a fire or the power is lost, it is not a good idea to lock them in.
C is incorrect because fail-secure does not default to unlocked. A fail-secure configuration means the doors default to locked if there is a power problem. Take care not to confuse fail-secure with fail-safe. Think of it this way: if a fail-secure lock fails, the door is secure, that is, locked; if a fail-safe lock fails, the people it protects are safe, because they can leave through the door.
D is incorrect because fail-secure does not default to double locked. In a fail-secure configuration, the door locks if there is a power problem.

2. Windows can have different glazing materials. What type of window may be prohibited by fire codes because of its combustibility? (Score: 2.00)
A. Tempered
B. Polycarbonate acrylic
C. Glass-clad polycarbonate
D. Laminated

Explanation: B is correct. When designing and building a facility, windows are one of the items that must be addressed from a physical security standpoint. Besides their placement and whether intruders can reach them, the following should be considered: the need for translucency or opaqueness, alarms, and shatter resistance. Windows should be properly placed (balancing security and aesthetics), with frames of adequate strength, suitable glazing material, and possibly a protective covering. Glazing materials used in windows can be standard, tempered, acrylic, or wired glass, or laminated glass. Polycarbonate acrylic is stronger than standard glass, tempered glass, and regular acrylic glass. Like regular acrylic, polycarbonate is made of a clear plastic. However, because of its combustibility, its use is expressly prohibited by fire codes. Do not confuse polycarbonate acrylic with glass-clad polycarbonate, the strongest window material in use today, which is resistant to fire, chemicals, breakage, and so on.
A is incorrect because tempered glass is not combustible. Tempered glass is made by heating the glass and then suddenly cooling it. This increases its mechanical strength, so it can withstand more stress and is harder to break. It is five to seven times stronger than standard glass. Even when tempered glass does break, it shatters into small pieces rather than sharp shards, so it is less likely to cause injury than standard glass. Because of its greater safety and strength, tempered glass is often used for vehicle windows, glass doors and tables, and cookware.
C is incorrect because glass-clad polycarbonate resists many threats, including fire. It therefore differs from polycarbonate acrylic, which is made of plastic and is prohibited by fire codes because of its combustibility. Glass-clad polycarbonate is the strongest window material, so it is also much more expensive than other glazing. It should be used in the areas facing the greatest threat.
D is incorrect because laminated glass windows are not combustible. Laminated glass consists of two sheets of glass with a plastic film in between. The added plastic film makes it harder to break. When the glass is struck and cracks, it breaks in a spiderweb pattern. Compared with other types of glass, laminated glass can come in different thicknesses. The thicker the glass (more glass and plastic), the harder it is to break. Laminated glass is often used for car windshields, storefront windows, and skylights.

3. As with logical access controls, audit logs should be produced and monitored for physical access controls. Which of the following statements is correct about auditing physical access? (Score: 2.00)
A. Unsuccessful access attempts should be logged but only need to be reviewed by a security guard.
B. Only successful access attempts should be logged and reviewed.
C. Only unsuccessful access attempts during unauthorized hours should be logged and reviewed.
D. All unsuccessful access attempts should be logged and reviewed.

Explanation: D is correct. Physical access control systems can use software and auditing features to produce audit trails or access logs of access attempts. The following information should be logged and reviewed: the date and time of the access attempt, the entry point at which access was attempted, the user ID used when access was attempted, and any unsuccessful access attempts, especially those made during unauthorized hours.
A is incorrect because, as with audit logs produced by computers, access logs are only useful if someone actually reviews them. A security guard needs to review these logs, but a security professional or facility manager should also review them periodically. Management needs to know where the entry points into the facility are and who attempts to use them. Audit and access logs are detective controls, not preventive ones. They are used to piece together a situation after the fact rather than to try to prevent an access attempt in the first place.
B is incorrect because unsuccessful access attempts should also be logged and reviewed. Although auditing does not deny an entity access to a network, computer, or location, it tracks activity so that security professionals can be alerted to suspicious activity. This information can be used to point out weaknesses in other controls and helps security personnel understand where changes must be made to maintain the required level of security in the environment.
C is incorrect because all unauthorized access attempts should be logged and reviewed regardless of when they occur. Break-in attempts can happen at any time. Operating parameters can be set for physical access controls to allow a certain number of failed access attempts before a user is locked out; this is a type of clipping level. An audit trail of this information can alert security personnel to a possible intrusion.

4. Brad is installing windows on the storefront of a bank in an area known to be at risk of fires in the dry season. Which of the following is least likely to be true of the windows he is installing? (Score: 2.00)
A. The glass has embedded wires.
B. They are made of glass-clad polycarbonate.
C. The window material is acrylic glass.
D. A solar window film has been added to them.

Explanation: C is correct. The windows Brad is installing are unlikely to be acrylic glass. Acrylic glass is made of polycarbonate acrylic, and although it

