CISSP Certification Exam (Physical and Environmental Security) Practice Test 1 with Answers and Explanations

1 Robert has been given the responsibility of installing doors that provide different types of protection. He has been told to install doors that provide fail-safe, fail-secure, and fail-soft protection. Which of the following statements is true about secure door types?
(A) Fail-soft defaults to the sensitivity of the area.
(B) Fail-safe defaults to locked.
(C) Fail-secure defaults to unlocked.
(D) Fail-secure defaults to double locked.

2 Windows can have different glazing materials. What type of window may be prohibited by fire codes because of its combustibility?
(A) Tempered
(B) Polycarbonate acrylic
(C) Glass-clad polycarbonate
(D) Laminated

3 As with logical access controls, audit logs should be produced and monitored for physical access controls. Which of the following statements is correct about auditing physical access?
(A) Unsuccessful access attempts should be logged but only need to be reviewed by a security guard.
(B) Only successful access attempts should be logged and reviewed.
(C) Only unsuccessful access attempts during unauthorized hours should be logged and reviewed.
(D) All unsuccessful access attempts should be logged and reviewed.

4 Brad is installing windows on the storefront of a bank in an area known to be at risk of fires in the dry season. Which of the following is least likely to be true of the windows he is installing?
(A) The glass has embedded wires.
(B) They are made of glass-clad polycarbonate.
(C) The window material is acrylic glass.
(D) A solar window film has been added to them.

5 CCTV can use fixed focal length or varifocal lenses. Which of the following correctly describes the lenses used in CCTV?
(A) A fixed focal length lens allows you to move between various fields of view with a single lens.
(B) To cover a large area and not focus on specific items, use a large lens opening.
(C) An auto-iris lens should be used in an area with fixed lighting.
(D) A shallow depth of focus allows you to focus on smaller details.

6 Which of the following describes the type of construction materials most commonly used to build a bank's exterior walls?
(A) Dense woods fastened with metal bolts and plates
(B) Steel rods encased inside of concrete walls and support beams
(C) Untreated lumber
(D) Steel

7 Which of the following is a light-sensitive chip used in most of today's CCTV cameras?
(A) Digital Light Processing
(B) Cathode ray tube
(C) Annunciator
(D) Charge-coupled devices

8 John is installing a sprinkler system that makes use of a thermal-fusible link for a data center located in Canada. Which of the following statements is true of the system he's installing?
(A) The pipes of a dry pipe system are filled with water when pressurized air within the pipes is reduced.
(B) The pipes of a preaction system are filled with water when pressurized air within the pipes is reduced.
(C) The sprinkler heads of a deluge system are wide open to allow a larger volume of water to be released in a shorter period.
(D) The pipes in a wet pipe system always contain water.

9 Which of the following allows security personnel to change the field of view of a CCTV lens to different angles and distances?
(A) Depth of field
(B) Manual iris
(C) Zoom
(D) Illumination

10 An outline for a physical security design should include program categories and the necessary countermeasures for each. What category do locks and access controls belong to?
(A) Assessment
(B) Deterrence
(C) Response
(D) Delay

11 A number of factors need to be considered when buying and implementing a CCTV system. Which of the following is the primary factor in determining whether a lens should have a manual iris or an auto-iris?
(A) If the camera must be able to move in response to commands
(B) If the environment has fixed lighting
(C) If objects to be viewed are wide angle, such as a parking lot, or narrow, such as a door
(D) The amount of light present in the environment

12 IDSs can detect intruders by employing electromechanical systems or volumetric systems. Which of the following correctly describes these systems?
(A) Because they detect changes in subtle environmental characteristics, electromechanical systems are more sensitive than volumetric.
(B) Electromechanical systems are less sensitive than volumetric systems, which detect subtle changes in environmental characteristics.
(C) Electromagnetic systems deal with environmental changes such as ultrasonic frequencies, while volumetric systems can employ pressure mats or metallic foil in windows.
(D) Electromagnetic systems are more sensitive because they detect a change or break in a circuit, while volumetric systems detect environmental changes.

13 What discipline combines the physical environment and sociology issues that surround it to reduce crime rates and the fear of crime?
(A) Layered defense model
(B) Target hardening
(C) Crime Prevention Through Environmental Design
(D) Natural access control

14 There are several types of volumetric IDSs. What type of IDS emits a measurable magnetic field that it monitors for disruptions?
(A) Capacitance detector
(B) Passive infrared system
(C) Wave-pattern motion detectors
(D) Photoelectric system

15 Paisley is helping her company identify potential site locations for a new facility. Which of the following is not an important factor when choosing a location?
(A) Distance to police and fire stations
(B) Lighting
(C) Natural disaster occurrence
(D) Crime rate

16 Sarah recently learned that the painting she inherited from a relative and hung in her downtown coffee shop is worth a lot of money. She is worried about its protection and wants to install an IDS. Which of the following intrusion detection systems is the most appropriate for protecting the painting?
(A) Acoustical detection system
(B) Proximity detector
(C) Photoelectric system
(D) Vibration sensor

17 David is preparing a server room at a new branch office. What locking mechanisms should he use for the primary and secondary server room entry doors?
(A) The primary and secondary entrance doors should have access controlled through a swipe card or cipher lock.
(B) The primary entrance door should have no access controlled through a security guard. The secondary doors should be secured from the inside and allow no entry.
(C) The primary entrance door should have access controlled through a swipe card or cipher lock. The secondary doors should have a security guard.
(D) The primary entrance door should have access controlled through a swipe card or cipher lock. Secondary doors should be secured from the inside and allow no entry.

18 Which of the following is not true of IDSs?
(A) They can be hindered by items within the room.
(B) They are expensive and require human intervention to respond to the alarms.
(C) They usually come with a redundant power supply and emergency backup power.
(D) They should detect, and be resistant to, tampering.

19 Before an effective physical security program can be rolled out, a number of steps must be taken. Which of the following steps comes first in the process of rolling out a security program?
(A) Create countermeasure performance metrics.
(B) Conduct a risk analysis.
(C) Design the program.
(D) Implement countermeasures.

20 A number of measures should be taken to help protect devices and the environment from electric power issues. Which of the following is best to keep voltage steady and power clean?
(A) Power line monitor
(B) Surge protector
(C) Shielded cabling
(D) Regulator

21 What type of fence detects if someone attempts to climb or cut it?
(A) Class IV
(B) PIDAS
(C) CPTED
(D) PCCIP

22 Several different types of smoke and fire detectors can be used. What type of detector is shown in the following graphic?
(A) Photoelectric
(B) Heat-activated
(C) Infrared flame
(D) Ionization

23 Crime Prevention Through Environmental Design (CPTED) is a discipline that outlines how the proper design of a physical environment can reduce crime by directly affecting human behavior. Of CPTED's three main components, what is illustrated in the following photo?
(A) Natural surveillance
(B) Target hardening
(C) Natural access control
(D) Territorial reinforcement

24 Different types of material are built into walls and other constructs of various types of buildings and facilities. What type of material is shown in the following photo?
(A) Fire-resistant material
(B) Light frame construction material
(C) Heavy timber construction material
(D) Rebar material

25 There are five different classes of fire. Each depends upon what is on fire. Which of the following is the proper mapping for the items missing in the provided table?
(A) Class D combustible metals
(B) Class C liquid
(C) Class B electrical
(D) Class A electrical

26 Electrical power is being provided more through smart grids, which allow for self-healing, resistance to physical and cyberattacks, increased efficiency, and better integration of renewable energy sources. Countries want their grids to be more reliable, resilient, flexible, and efficient. Why does this type of evolution in power infrastructure concern many security professionals?
(A) Allows for direct attacks through Power over Ethernet
(B) Increased embedded software and computing capabilities
(C) Does not have proper protection against common web-based attacks
(D) Power fluctuation and outages directly affect computing systems

The following scenario is to be used for questions 27, 28, and 29.
Mike is the new CSO of a large pharmaceutical company. He has been asked to revamp the company's physical security program and better align it with the company's information security practices. Mike knows that the new physical security program should be made up of controls and processes that support the following categories: deterrent, delaying, detection, assessment, and response.

27 Mike's team has decided to implement new perimeter fences and warning signs against trespassing around the company's facility. Which of the categories listed in the scenario do these countermeasures map to?
(A) Deterrent
(B) Delaying
(C) Detection
(D) Assessment

28 Mike's team has decided to implement stronger locks on the exterior doors of the new company's facility. Which of the categories listed in the scenario does this countermeasure map to?
(A) Deterrent
(B) Delaying
(C) Detection
(D) Assessment

29 Mike's team has decided to hire and deploy security guards to monitor activities within the company's facility. Which of the categories listed in the scenario does this countermeasure map to?
(A) Delaying
(B) Detection
(C) Assessment
(D) Recall

The following scenario is to be used for questions 30, 31, and 32.
Greg is the security facility officer of a financial institution. His boss has told him that visitors need a secondary screening before they are allowed into sensitive areas within the building. Greg has also been told by the network administrators that after the new HVAC system was installed throughout the facility, they have noticed that power voltage to the systems in the data center sags.

30 Which of the following is the best control that Greg should ensure is implemented to deal with his boss's concern?
(A) Access and audit logs
(B) Mantrap
(C) Proximity readers
(D) Smart card readers

31 Which of the following best describes the situation that the network administrators are experiencing?
(A) Brownouts
(B) Surges
(C) In-rush current
(D) Power line interference

32 Which of the following is a control that Greg's team could implement to address the network administrators' issue?
(A) Secondary feeder line
(B) Insulated grounded wiring
(C) Line conditioner
(D) Generator

CISSP Certification Exam (Physical and Environmental Security) Practice Test 1: Answers and Explanations

1 Correct answer: A
Explanation:
A is correct. Doors with automatic locks can be configured as fail-secure, fail-safe, or fail-soft. Fail-soft means the door defaults to locked or unlocked depending on the sensitivity of the data and systems in an area (for example, people working in a particular part of the building). The aim of a fail-soft system is to preserve as much data and functionality as possible when it fails.
B is incorrect, because fail-safe does not default to locked. A fail-safe setting means that if a power disruption affects the automated locking system, the door defaults to unlocked. Fail-safe settings relate directly to protecting people. If people work in an area and a fire or power loss occurs there, locking them in is not a good idea.
C is incorrect, because fail-secure does not default to unlocked. A fail-secure configuration means that the door defaults to locked if there is a power problem. Be careful not to confuse fail-secure with fail-safe. Think of it this way: if a fail-secure lock fails, the door is secure, meaning it is locked; if a fail-safe lock fails, the people it protects are safe, because they can leave through the door.
D is incorrect, because fail-secure does not default to double locked. In a fail-secure configuration, the door locks if there is a power problem.
Knowledge module: Physical and Environmental Security

2 Correct answer: B
Explanation:
B is correct. When a facility is designed and built, windows are one of the items that must be addressed from a physical security standpoint. Besides their placement and whether intruders can reach them, the following should be considered: translucent or opaque requirements, alarms, and shatter resistance. Windows should be properly placed (taking both security and aesthetics into account), have frames of adequate strength and suitable glazing material, and possibly have a protective covering. Glazing materials used in windows can be standard, tempered, acrylic, or wired glass, or laminated glass. Polycarbonate acrylic is stronger than standard glass, tempered glass, and regular acrylic. Like regular acrylic, polycarbonate is made of a type of transparent plastic. However, because of its combustibility, fire codes explicitly prohibit its use. Do not confuse polycarbonate acrylic with glass-clad polycarbonate; the latter is the strongest window material in use today and resists fire, chemicals, breakage, and so on.
A is incorrect, because tempered glass is not combustible. Tempered glass is made by heating glass and then cooling it suddenly. This increases its mechanical strength, so it withstands more stress and is harder to break. It is 5 to 7 times stronger than regular glass. Even when tempered glass does break, it shatters into small pieces rather than sharp shards, so it is less likely than regular glass to cause injury. Because of its greater safety and strength, tempered glass is often used for vehicle windows, glass doors and tables, and cookware.
C is incorrect, because glass-clad polycarbonate resists many threats, including fire. It therefore differs from polycarbonate acrylic, which is made of plastic and is prohibited by fire codes because of its combustibility. Glass-clad polycarbonate is the strongest window material, so it is also much more expensive than other glazing materials. It should be used in the areas that face the greatest threat.
D is incorrect, because laminated glass windows are not combustible. Laminated glass has two layers of glass with a plastic film in between. The added plastic film makes the glass harder to break. When the glass cracks under attack, the break pattern resembles a spider web. Compared with other types of glass, laminated glass can come in different thicknesses. The thicker the glass (more glass and plastic), the harder it is to break. Laminated glass is often used for vehicle windshields, storefront windows, and skylights.
Knowledge module: Physical and Environmental Security

3 Correct answer: D
Explanation:
D is correct. Physical access control systems can use software and auditing features to produce audit trails or access logs of access attempts. The following information should be logged and reviewed: the date and time of the access attempt, the entry point at which access was attempted, the user ID used in the attempt, and any unsuccessful access attempts, especially whether they occurred during unauthorized hours.
A is incorrect, because, just like audit logs produced by computers, access logs are useful only when someone actually reviews them. A security guard needs to review these logs, but a security professional or facility manager should also review them periodically. Management needs to know where the facility's entry points are and who attempts to use them. Audit and access logs are detective controls, not preventive controls. They are used to piece together a situation after the fact rather than to prevent an access attempt in the first place.
B is incorrect, because unsuccessful access attempts should also be logged and reviewed. Although auditing cannot deny an entity access to a network, computer, or location, it tracks activity so that security professionals can be alerted to suspicious activity. This information can be used to point out weaknesses in other controls and helps security personnel understand where changes must be made to maintain the level of security the environment requires.
C is incorrect, because all unauthorized access attempts should be logged and reviewed regardless of when they occur. Break-in attempts can happen at any time. Operating parameters can be set for physical access controls so that a certain number of failed access attempts is accepted before the user is locked out; this is a type of configurable threshold. An audit trail of this information can alert security personnel to a possible intrusion.
Knowledge module: Physical and Environmental Security

4 Correct answer: C
Explanation:
C is correct. The windows Brad is installing are unlikely to be acrylic glass. Acrylic glass is made of polycarbonate acrylic, and although it is stronger than regular glass, it is combustible. When it burns, acrylic glass produces carbon dioxide, water, carbon monoxide, formaldehyde, and other compounds. Because of its toxicity, fire codes would very likely prohibit the use of this acrylic glass in a bank. Acrylic glass does have its uses, however. In some cases it is preferred over glass because it is easy to handle and process and is inexpensive. You can find acrylic glass at your local aquarium or pet store. It is often used to build residential and commercial aquariums, and is also used for aircraft windows, motorcycle helmet visors, and the spectator barriers around ice hockey rinks.
A is incorrect, because embedded wires are a security feature intended to reduce the likelihood of a window being broken or shattered. Wired glass consists of two sheets of glass with wire embedded between them. The storefront windows of a bank are unlikely to use wired glass; for aesthetic reasons, such windows are generally not used on storefronts. However, among the answer choices, this is not the least likely characteristic.
B is incorrect, because Brad is very likely installing windows made of glass-clad polycarbonate. Glass-clad polycarbonate is the strongest window material available today, and it is fire resistant, which makes it a good choice for a bank located in an area prone to fires in the dry season. Be careful not to confuse glass-clad polycarbonate with polycarbonate acrylic; the latter not only burns but also produces toxic fumes when it does.
D is incorrect, because a solar window film has very likely been applied to the bank's storefront windows. Many windows have a film applied to insulate against heat and cold. These films filter out UV rays and are usually tinted, which makes it harder for an adversary to peer in and monitor activity inside. Some windows use a different kind of film that makes them harder to damage by explosions, storms, and intruders.
Knowledge module: Physical and Environmental Security

5 Correct answer: D
Explanation:
D is correct. A shallow depth of focus allows you to focus on smaller details rather than a larger scene. To understand the concept of depth of field, think of the photos you take on a family vacation. For example, you are vacationing with your family on a beach on Oahu, Hawaii, and you want to take a picture of them standing on the shoreline. Because your family is the main subject of the picture, you need to zoom in on them. A shallow depth of focus gives a softer background and draws the viewer's eye to the foreground of the photo. Now, if you want a scenic shot of Diamond Head, you need a greater depth of focus, which reduces the distinction between objects in the foreground and the background.
A is incorrect, because a fixed focal length lens must be swapped to obtain a different field of view. Fixed focal length lenses come in three fields of view: wide, medium, and narrow. A lens with a "normal" focal length produces a picture closest to the field of view of the human eye. A wide-angle lens has a short focal length, and a telephoto lens has a long focal length. When a company selects a fixed focal length lens for a particular view of an environment, it should understand that if the field of view needs to change (for example, from wide to narrow), the lens must be changed as well.
B is incorrect, because the correct depth of field for a large area is best obtained with a wide-angle lens and a small lens opening. When choosing the right lenses and configuration for your company's closed-circuit television (CCTV) system, you need to understand what depth of field is. Depth of field refers to the range of distances within which the image shown on the monitor is in focus. Depth of field varies with the size of the lens opening, the distance of the object being focused on, and the focal length of the lens. Depth of field increases as the lens opening gets smaller, the subject distance increases, and the focal length of the lens decreases.
C is incorrect, because an auto-iris lens should be used in environments where the light changes, such as outdoors. If the iris senses that the environment has become brighter, it adjusts automatically. A manual iris lens should be used in environments with fixed lighting. The manual iris lens around the CC