95 terms

Rick's PSP Study Guide 1

5 Levels of Security Systems
1. Minimum
2. Low Level
3. Medium Security
4. High-level Security
5. Maximum Security
Minimum Security
Impede some unauthorized external activity.
* Simple physical barriers
* Simple locks
Low-level Security
Impede and detect some unauthorized external activity.
* Basic security physical barriers
* High-security locks
* Simple security lighting
* Basic local alarm systems
Medium Security
Impede, detect and assess most unauthorized external activities and some internal activities.
* High-security physical barriers at perimeter, guard dogs
* Advanced remote alarm systems
* Watchmen with basic communications
High-level security
Impede, detect and assess most unauthorized external and internal activities.
* Access controls
* Perimeter alarm system
* High security lighting
* Local law enforcement coordination
* Highly trained armed guards w/advanced comms
* Formal contingency plans
Maximum security
Impede, detect, assess and neutralize all unauthorized external and internal activities
* Sophisticated alarm system
* Onsite, armed response force
For the maximum psychological effect to be achieved...
...the capabilities of the protection system must be known to the criminal, that is, they must convince the criminal that the odds of getting caught are high.
What is a PPS
A Physical Protection System (PPS) integrates people, procedures, and equipment for the protection of assets or facilities against theft, sabotage, or other malevolent human attacks.
What are the primary functions of a PPS?
1. Detection of an adversary.
2. Delay of that adversary.
3. Response by security personnel or guard force.
What are the components of a PPS
1. People.
2. Procedures.
3. Equipment.
What are the four stages of PPS implementation?
1. Determine Objectives.
2. Design PPS.
3. Analyze PPS Design.
4. Re-design PPS (or components of) where necessary.
Facility Characterization means to look at major areas such as:
1. Physical conditions.
2. Facility operations.
3. Facility policies and procedures.
4. Regulatory requirements.
5. Safety Considerations.
6. Legal Issues.
7. Corporate goals and objectives.
Facility Characterization
Physical Conditions
* Identify site boundary
* Number & location of buildings
* Access points.
* Existing physical protection features.
* All infrastructure details.
Facility Characterization
Facility Operations
* Major products of the facility
* Processes that support these products
* Operating conditions
* Types and numbers of employees
* Procurement procedures
* Computing resources & distribution
* Maintenance activities
* Asset tracking
* Operational involvement & location of senior execs
* Work flow & shift changes
* Employee benefits
* Shipping & receiving
* Accounting & any other support functions
Facility Characterization
Facility Policy & Procedures
* Obtain understanding of written and unwritten procedures.
* Have a guided tour of facility.
* Observe the ebb and flow of work.
* Review safety & security training requirements for all workers.
* Determine extent of documented procedures.
Facility Characterization
Regulatory Requirements
* Fire department.
* Safety & Health regulators.
* Department of Labor.
* Nuclear regulatory commission.
* Local building codes.
* ULC (Underwriters Laboratories) standards.
Facility Characterization
Safety Considerations
* Strike a balance between safety and security.
* 1-15 second time delay on fire exits.
* Dispatch a guard to protect an area.
* UL 2000 "safety & security personnel must work together to design systems that will be effective in normal (daily operations), abnormal (fire), and malevolent (attack on facility by a human adversary) conditions."
Facility Characterization
Legal Issues
* Liability
* Privacy
* Access for the disabled
* Labor relations
* Employment practices
* Proper training for guards
* The failure to protect
* Excessive use of force by guards
Facility Characterization
Corporate Goals & Objectives
* Establish support of senior management.
* Conduct assessment of vulnerabilities.
* Present solutions showing the value add.
Facility Characterization
Security Principle
In order to design a system that will be effective, the PPS design must accommodate the safety, process and mission of the corporation and the facility.
Eight Points of Threat Definition (1-4)
1. Study the capabilities and intentions of assumed potential criminals or adversaries.
2. Look at possible intentions, motivations and physical capabilities of likely adversaries.
3. Availability of on-site security personnel or local law enforcement.
4. Once adversary types are identified, determine the threat against which the facility or target will be protected.
Eight Points of Threat Definition (5-8)
5. A Threat Definition results in a detailed description of the physical threat by a malevolent adversary to the system.
6. Threat Definition aids in determining PPS design objectives.
7. Any facility will have records of suspicion regarding malevolent adversaries.
8. PPS must be designed to protect against these adversaries or threats.
The three basic parts for determining a Threat Definition are:
1. List the information needed to define the threat.
2. Collect information of the potential threat.
3. Organize the information to make it usable.
Four necessary points of information about adversaries:
1. Motivation (ideological, economic, personal)
2. Potential goals based upon targets (theft, espionage, extortion, kidnapping, etc.)
3. Tactics (force, stealth, or deceit)
4. Numbers & capabilities (use of weapons, various tools they may use, etc.)
Adversaries are characterized in three broad groups:
1. Outsiders (terrorists, criminals, extremists or hackers).
2. Insiders.
3. Outsiders working in collusion with insiders.
True or False: Insider Threats have a knowledge of operations or security and who has un-escorted access.
List the three types of insider threats:
1. Passive.
2. Active non-violent.
3. Active violent.
True or False: Outsider threats are responsible for the majority of security breaches in both physical and computer security systems.
False. Insider threats are responsible for the majority of security breaches in both physical and computer security systems.
True or False: One study showed that guards do almost half of all stealing, and that many inside opportunities are due to procedural failures.
What are three characteristics of Insider threats?
1. System knowledge that can be used to their advantage.
2. Authorized access to the facility, assets, or PPS without raising suspicions of others.
3. Opportunity to choose the best time to commit an act.
Three points of consideration on adversaries:
1. Capability of an adversary.
2. Adversary tactics (force, stealth or deceit).
3. Potential actions (trying to steal something, industrial espionage, sabotage, extortion, coercion, violence against others, or kidnapping).
List five sources for the collection of threat information:
1. Intelligence sources (network with law enforcement or other related services).
2. Crime analysis, studies.
3. Professional organizations & services.
4. Published literature.
5. Government directives and legislation.
What is the Security Principle regarding Threat Definition?
A facility PPS is designed based on the maximum credible threat to the facility.
Target Identification identifies _______ , ________ or ________ actions to be protected.
areas, assets or actions
True or False: The ease or difficulty of protecting against a particular threat is considered BEFORE the items of Target Identification have been identified.
False: The ease or difficulty of protecting against a particular threat is considered AFTER the items of Target Identification have been identified.
List at least four Undesirable Consequences to an inadequate PPS
* Loss of life
* Theft of material or information
* Environmental damage due to release of hazardous material by theft or sabotage
* Interruption of critical utilities or communications
* Degraded business operations
* Workplace violence, extortion, blackmail
* Building collapse
* Damage to reputation
* Legal Liability
List two techniques for Target Identification:
1. Manual listing of targets.
2. Logic Diagrams.
Manual listing is good for....
* Localized items (laptops, tools, etc)
* Work-in-progress (items ready to be packaged)
Locations in a facility containing equipment to be protected against are called ______ _______
vital areas
Because both the function and structure of a facility can be very complex, the choice of components and areas to protect as vital is...
...usually not obvious.
What tool is used for the determination of a vital area?
A sabotage fault tree.
True or False: Target Identification is used to determine what to protect.
Target may be susceptible to _____ , _______ , or _______.
theft, sabotage, or personal harm
Priorities of targets are based on...
Analysis of the consequence of the loss and threat.
True or False: For every crime that is committed, there is a crime prevention or loss reduction defense or procedure that, if followed, could delay or prevent a criminal from committing that act.
The strongest reason for a criminal to lose the desire to break in, etc. is...
...the threat of getting caught.
A PPS is designed based on...
...the maximum credible threat to the facility.
What are the two ways to prevent theft and sabotage?
1. Deterring the adversary.
2. Defeating the adversary.
List six steps in designing a security layout:
1. Eliminate all non-essential doors and windows.
2. Specify fire-resistant material throughout the interior.
3. Install fire, intrusion and environmental control systems.
4. Separate shipping and receiving areas.
5. Make provisions for the handicapped.
6. Provide adequate lighting around the perimeter.
Detection is the _________ of an adversary action.
What are the three steps by which detection is accomplished?
1. A sensor reacts to a stimulus and initiates an alarm.
2. Information from the sensor and assessment subsystems is reported and displayed.
3. A person assesses information and judges the alarm to be valid or invalid.
A PPS system works best if what two conditions are met?
1. Detection is as far from the target as possible.
2. Delays are in place near the target.
______________ is the process of determining whether the source of the alarm is due to an attack or a nuisance alarm.
Detection without ____________ is not detection.
True or False: Entry control is part of detection.
What is a measure of entry control?
Throughput (number of authorized people allowed access per unit time)
A False Acceptance Rate is ...
...the rate at which false identities or credentials are allowed entry.
The frequency of denying access to authorized people is the ....
...false rejection rate.
List three measures of effectiveness for PPS detection:
1. Probability of sensing adversary action.
2. Time required for reporting and assessing the alarm.
3. Nuisance alarm rate.
The probability of detection ____________ as the time before assessment ___________.
decreases; increases
An effective assessment provides what two types of information with detection?
1. Whether the alarm is valid or nuisance.
2. Details such as what, who, where and how many.
What is a NAR
Nuisance Alarm Rate
Any alarm not caused by an intrusion is a _____ _____.
nuisance alarm
Because not all alarms are caused by intrusion, what is necessary?
Animals, birds, trees, rain, lightning, blowing debris, etc. are all common sources of...
nuisance alarms
Nuisance alarms generated by the equipment itself (from poor design, inadequate maintenance or component failure) are called...
False alarms
Delay is the _______ ________ of adversary progress.
slowing down
List four methods for accomplishing delay:
1. People.
2. Barriers.
3. Locks.
4. Activated delays.
Delay before detection is primarily a ________.
True or False: Delay without detection is not delay
The primary purpose of placing barriers before detection is:
To force adversaries to change or abandon their tactic.
True or False: In PPS design, delay before detection is of no benefit. Why or why not?
True. Because it does not provide additional time for a guard force to respond.
____________ is defined as a sufficient number of response force personnel arriving at the appropriate location to stop the adversary's progress.
What is the measure of response force effectiveness?
The time between receipt of a communication of adversary and the interruption of the adversary action.
The time between receipt of a communication of adversary and the interruption of the adversary action is called what?
Response Force Time
PPS Performance Measures
* Probability of detection.
* Time for communication and assessment.
* Frequency of nuisance alarms.
PPS Performance Measures
* Time to defeat obstacles
PPS Performance Measures
* Probability of accurate communication to response force.
* Time to communicate.
* Probability of deployment to adversary location.
* Time to deploy.
* Response force effectiveness.
The use of multiple lines of detection (e.g. the use of two or more types of sensors to detect the same event) is referred to as...
...Protection in depth.
True or False: Protection-in-depth requires an adversary to avoid or defeat a number of protective devices in sequence.
List three effects of Protection-in-depth:
1. Increased uncertainty about the system.
2. More extensive preparation prior to the attack required.
3. Additional steps where the adversary may fail or abort the mission created.
Balanced protection means:
That no matter how an adversary attempts to accomplish the goal, effective elements of the PPS will be encountered.
For a complementary balanced system, what two factors should be equal?
1. The minimum time to penetrate each barrier and...
2. The minimum time to detect penetration of the barrier.
The objective should be to provide adequate protection against all threats on all possible paths and to maintain a balance with other considerations such as ________ , ________ , or __________.
cost, safety or structural integrity
What is a "Clear Zone"?
The area within two parallel fences where the sensors are inside.
A PPS is best measured by the concept of probability of __________ of a defined ________ along the most _________ path in the facility.
A PPS is best measured by the concept of probability of interruption of a defined adversary along the most vulnerable path in the facility.
A PPS that is well designed will exhibit the following three characteristics:
1. Protection-in-depth.
2. Minimum consequence of component failure.
3. Balanced protection.
A PPS where effective elements are encountered no matter how an adversary attempts to accomplish his goal is said to have...
Balanced protection.
What are the three functions of a PPS?
1. Detection.
2. Delay.
3. Response.
What three things do the functions of a PPS integrate?
1. People.
2. Procedures.
3. Equipment.
True or false: Detection is placed before Delay
Detection is most effective at the ______ and delay more effective at the _______.
perimeter, target
True or False: Assessment is not a critical component of Detection.
For protection of critical assets, the total time for detection, delay, and response must be less than...
...the adversary's task time.
True or False: Feature-based design is better than performance-based design when measuring overall system effectiveness.