Facilities Security

Question 1

Fire Suppression

Answer 1

Process of controlling and/or extinguishing fires to protect an organization’s employees, data, equipment, and buildings

Question 2

Handheld Fire Extinguisher Classes

Answer 2

Class A, B, C, D, K

Question 3

Type A Fire Extinguishers

Answer 3

Ordinary solid combustibles such as paper, wood, cloth and some plastics

Question 4

Type B Fire Extinguishers

Answer 4

Flammable liquids such as alcohol, ether, oil, gasoline and grease, which are best extinguished by smothering

Question 5

Class C Fire Extinguishers

Answer 5

Electrical equipment, appliances and wiring in which the use or a nonconductive extinguishing agent prevents injury from electrical shock.

Question 6

Class D Fire Extinguishers

Answer 6

Certain flammable metallic substances such as sodium and potassium. These materials are normally not found in the Medical Center

Question 7

Class K Fire Extinguishers

Answer 7

Used in kitchens on grease fires

Question 8

Wet Pipe Sprinkler System

Answer 8

Pipes are filled with water all the way to the sprinkler head and are just waiting for the bulb to be melted or broken

Question 9

Dry Pipe Sprinkler System

Answer 9

Pipes are filled with pressurized air and only push water into the pipes when needed to combat the fire

Question 10

pre-action sprinkler system

Answer 10

A pre-action sprinkler system will activate when heat or smoke is detected

Question 11

Clean Agent System

Answer 11

Fire suppression system that relies upon gas (HALON, FM-200, or CO2) instead of water to extinguish a fire

Question 12

Faraday Cage

Answer 12

Shielding installed around an entire room that prevents electromagnetic
energy and radio frequencies from entering or leaving the room

Question 13

TEMPEST

Answer 13

§ U.S. Government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility
§ TEMPEST facilities are also resistant to EMPs (electromagnetic pulses)

Question 14

Controller Area Network (CAN)

Answer 14

• A digital serial data communications network used within vehicles
• The primary external interface is the Onboard Diagnostics (OBD-II) module
• No concept of source addressing or message authentication in a CAN bus

Question 15

Internet of Things (IoT)

Answer 15

§ A group of objects (electronic or not) that are connected to the wider Internet by using embedded electronic components
§ Most smart devices use an embedded version of Linux or Android as their OS
§ Devices must be secured and updated when new vulnerabilities are found

Question 16

Embedded Systems

Answer 16

§ A computer system that is designed to perform a specific, dedicated function
§ Embedded systems are considered static environments where frequent changes are not made or allowed
§ Embedded systems have very little support for identifying and correcting security issues

Question 17

Programmable Logic Controller (PLC)

Answer 17

§ A type of computer designed for deployment in an industrial or outdoor setting that can automate and monitor mechanical systems
§ PLC firmware can be patched and reprogrammed to fix vulnerabilities

Question 18

System-on-Chip (SoC)

Answer 18

§ A processor that integrates the platform functionality of multiple logical controllers onto a single chip
§ System-on-Chip are power efficient and used with embedded systems

Question 19

Real-Time Operating System (RTOS)

Answer 19

§ A type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks
§ Embedded systems typically cannot tolerate reboots or crashes and must have response times that are predictable to within microsecond tolerances

Question 20

Field Programmable Gate Array (FPGA)

Answer 20

§ A processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture
§ End customer can configure the programming logic to run a specific application instead of using an ASIC (application-specific integrated circuit)

Question 21

ICS and SCADA

Answer 21

Operational Technology (OT)
Industrial Control Systems (ICS)
Fieldbus
Human-Machine Interface (HMI)
Data Historian
Supervisory Control and Data Acquisition (SCADA)
Modbus

Question 22

Operational Technology (OT)

Answer 22

§ A communications network designed to implement an industrial control
system rather than data networking
§ Industrial systems prioritize availability and integrity over confidentiality

Question 23

Industrial Control Systems (ICS)

Answer 23

§ A network that manages embedded devices
§ ICS is used for electrical power stations, water suppliers, health services, telecommunications, manufacturing, and defense needs

Question 24

Fieldbus

Answer 24

Digital serial data communications used in operational technology networks to link PLCs

Question 25

Human-Machine Interface (HMI)

Answer 25

Input and output controls on a PLC to allow a user to configure and monitor the system § ICS manages the process automation by linking together PLCs using a fieldbus to make changes in the physical world (values, motors, etc)

Question 26

Data Historian

Answer 26

Software that aggregates and catalogs data from multiple sources within an industrial control system

Question 27

Supervisory Control and Data Acquisition (SCADA)

Answer 27

§ A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographic region § SCADA typically run as software on ordinary computers to gather data from and manage plant devices and equipment with embedded PLCs

Question 28

Modbus

Answer 28

§ A communications protocol used in operational technology networks § Modbus gives control servers and SCADA hosts the ability to query and change the configuration of each PLC

Question 29

mitigating vulnerabilities in specialized system

Answer 29

§ Establish administrative control over Operational technology networks by recruiting staff with relevant expertise § Implement the minimum network links by disabling unnecessary links, services § Develop and test a patch management program for Operational Technology Network § Perform regular audits of logical and physical access to systems to detect possible vulnerabilities and intrusion

Question 30

Premise Systems

Answer 30

§ Systems used for building automation and physical access security § Many system designs allow the monitoring to be accessible from the corporate data network or even directly from the Internet

Question 31

Building Automation System (BAS)

Answer 31

Components and protocols that facilitate the centralized configuration and monitoring of mechanical and electrical systems within offices and data centers

Question 32

Building Automation System (BAS) vulnerabilities

Answer 32

• Process and memory vulnerabilities in PLC • Plaintext credentials or keys in application code • Code injection via web user interface

Question 33

Physical Access Control System (PACS)

Answer 33

§ Components and protocols that facilitate the centralized configuration and monitoring of security mechanisms within offices and data centers § PACS can either be implemented as part of a building automation system or a separate system