Question

Aurter PRO- Document - Word * Search abdulle al Fle Home Insert Design Layout References Malings Review Vic Help Share Comments TA AT Drind - X Cut h Copy Format Panter Calibri (BayIGA A A Bi-X, X AA AaBbce: ABCD Aalbot Aalboat AaB Aabbcc 4oBBCCDX 4deboco Acbcc ABCD Acebcam 1 Normal No Space Heading1 Heading 2 Irtie Emphasis Subtle Intenset. Subtle Dieste Strong Quote Chitar Sensitivity Sect Clipboard Paragraph line Voir Sensity Editor The core underlying principles of the Centre for the Protection of National Infrastructure's (CPNI's) protective security methodology are: Deter, Detect, Delay, Mitigate, Respond. a) Define, or briefly explain, what is meant by each of these five terms. b) How would you apply these five principles to a large item of Transport Infrastructure such as an airport? Give examples of measure that could be taken to apply each of these five principles. c) Contrast the function and design of protective security barriers, with conventional motorway safety fences. Give examples of each to illustrate your answer Huge 1 ult 1505 94 word: Englith inted Kingdom Type here to search Ei e A. 40 ING 1611 18/11/2020 F

Answer 1

Sol:

Deter

• Deny adversaries access to the information and other resources they require to conduct attack planning
• Persuade adversaries from conducting an attack through emphasis of the likelihood of failure and capture
• Project a sufficiently hostile view of the environment to an adversary so as to make an attack difficult or too unachievable to progress
• Amplify the effectiveness of security measures and messaging

Examples

• Messaging on the corporate website about the effectiveness of security measures (including the monitoring of visitors/cookies to enhance the user experience)
• Limiting the information available about the asset forcing a physical reconnaissance visit to the asset (increasing the likelihood of detection)
• Ensuring that the approaches to and areas around the asset are clear, easily monitored and that there is an appropriate challenge by the security officers or staff to unknown individuals (‘Can I help you’)
• Messaging for the entire attacker journey, from the website through to the physical approaches to the site, that provide reassuring messages about the security measures in place.

Detect

• To identify threat or attack behaviours at every stage of an attack – planning, reconnaissance, deployment
• Initiate an appropriate response to a threat or attack as early in the attack timeline as possible
• Monitor for the loss of information or assets which have been moved off site

Examples

• Detecting hostile reconnaissance through the monitoring and detection of suspicious activities on the corporate website and visits to the asset
• Implement a CCTV monitoring system covering beyond the site perimeter to identify an attack team approaching
• Use an information/asset logging system to identify patterns of information/assets not being returned or accounted for

Delay

• Maximising the time between the detection of an attack (at any of the stages in the attack timeline) and an attack reaching an asset’s perimeter
• Limit availability/access to information in order to prevent an adversary developing an optimised attack plan – thereby increasing the attack timeline and further increasing the chances of detection

Examples

• Monitor the area beyond the perimeter enabling early detection and maximising delay time for an adversary to transition the ground
• Ensure an adversary requires multiple or extended visits to a site to gather information for an attack plan – increasing the risk of detection and extending the attack planning timeline

Mitigate

• Maximise stand-off to any form of attack
• Minimise single points of failure beyond your perimeter
• Understand the potential effects of an attack on the surrounding environment and its impact on your site

Examples

• Use of vehicle security barriers to enforce an appropriate stand-off distance
• Use of resilient power supply, preventing single point of failure
• Locating key servers at the core of the building
• Use of local business/security forums to discuss impacts of attacks on neighbours and potential mitigations that could be used

Response

• Determine what external response is required to the range of threats your site faces and ensure measures are in place to initiate the response
• Where appropriate exercise your plans with external response forces, including communicating with neighbours

Examples

• Establish an out-of-hours system to deliver a nominated keyholder to the site within an appropriate time frame