please answer all 5 questions completely with any references

please answer all 5 questions completely with any references and citations

1.Identify the role of environmental controls in securing information assets. 2.Describe the physical security controls that are available for use in securing technical information assets. 3.Describe the physical security controls that are available for use in securing human access to information assets. 4.Develop a strategy for integrating physical security into an overall security management plan. 5.Use proper APA (6th edition) style and formatting for all references and citations.

Solution

1.Identify the role of environmental controls in securing information assets:

controls attempt to identify unwanted events after they have occurred. Preventive physical security controls vary, but may include6 :

Manual door or cipher key locks.

Magnetic door locks that require the use of electronic keycards ·

Biometric authentication ·

Security guards ·

Photo ID’s ·

Entry logs ·

Logs and authorization for removal and return of tapes and other storage media to the library ·

Perimeter fences around sensitive buildings ·

Computer terminal locks

Detective security controls e.g. are7 : ·

Motion detectors ·

Smoke and fire detectors ·

Electronic and visual surveillance systems ·

Perimeter intrusions alarms

2.Describe the physical security controls that are available for use in securing technical information assets.

Physical assets:
These are the visible and tangible equipment and could comprise of:

a) Computer equipment: Mainframe computers, servers, desktops and notebook computers.
b) Communication equipment: Modems, routers, EPABXs and fax machines.
c) Storage media: Magnetic tapes, disks, CDs and DATs.
d) Technical equipment: Power supplies, air conditioners.
e) Furniture and fixtures

3.Describe the physical security controls that are available for use in securing human access to information assets:

Physical security is often overlooked -- and its importance underestimated -- in favor of more technical threats such as hacking, malware, and cyberespionage. However, breaches of physical security can be carried out with brute force and little or no technical knowledge on the part of an attacker.

Physical security has three important components: access control, surveillance and testing. Obstacles should be placed in the way of potential attackers and physical sites should be hardened against accidents, attacks or environmental disasters. Such hardening measures include fencing, locks, access control cards, biometric access control systems and fire suppression systems. Second, physical locations should be monitored using surveillance cameras and notification systems, such as intrusion detection sensors, heat sensors and smoke detectors. Third, disaster recovery policies and procedures should be tested on a regular basis to ensure safety and to reduce the time it takes to recover from disruptive man-made or natural disasters.

.Develop a strategy for integrating physical security into an overall security management plan:

Using these criteria, we have to identify the actual owners of each of the information assets. This is also an important step for one more reason. Only an owner of the asset will be able to decide the business value of the asset. Unless the correct business value of the asset is known, we cannot identify the security requirement of the asset.

System software ownership could be with the appropriate persons within the IT team. The owner of these assets will be responsible for maintaining all the system software including protecting the organization against software piracy.