Unit 7: Physical Security
Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage. This unit explains the importance of physical security as a significant item in providing overall security. Without physical security, all other sophisticated techniques can become useless. Specifically, we will study the NASA physical security program, which is a result of extensive research on physical security. We will also look into different types of attacks that are possible in the context of physical security.
Completing this unit should take you approximately 7 hours.
7.1: Physical Security
Read this chapter.
Read this chapter. After reading these chapters, explain the relationship between threat models and attacks. Take the communication examples in the chapters and try to explain different attacks based on different assumption of threat models.
7.2: NASA's Physical Security Program
Read this page about NASA's physical security program. Physical security in IT context requires most of the ideas discussed here, even though they were developed in the context of NASA's requirements.
7.3: Types of Attacks
Read this page. After you read, explain how the attacker identifies the target/victim and how to carry out social engineering via various approaches (phones, online chatting, Dumpster diving, reverse engineering etc.).