Page 718 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 718
and increase the likelihood that alarms indicate actual intrusions or
attacks.
CCTV is a security mechanism related to motion detectors, sensors,
and alarms. However, CCTV is not an automated detection-and-
response system. CCTV requires personnel to watch the captured
video to detect suspicious and malicious activities and to trigger
alarms. Security cameras can expand the effective visible range of a
security guard, therefore increasing the scope of the oversight. In
many cases, CCTV is not used as a primary detection tool because of
the high cost of paying a person to sit and watch the video screens.
Instead, it is used as a secondary or follow-up mechanism that is
reviewed after a trigger from an automated system occurs. In fact, the
same logic used for auditing and audit trails is used for CCTV and
recorded events. A CCTV is a preventive measure, whereas reviewing
recorded events is a detective measure.
Secondary Verification
As illustrated in the previous real-world scenario, Gino was at
constant risk of security breaches because Elise is constantly
forgetting (and therefore writes down) every password, whereas
Francis is habitually forgetful about the location of his key card.
What happens when someone else comes into possession of either
of these items and has knowledge of how or where to use them?
Gino’s biggest advantage will be any secondary verification
mechanisms he has established in the workplace. This may include
a CCTV system that identifies the face of the person who uses a key
card for access or inputs a combination in some area designated
under surveillance. Even videotape logs of ingress and egress
through checkpoints can be helpful when it comes to chasing down
accidental or deliberate access abuses.
With known “problem users” or “problem identities,” many
security systems can issue notifications or alerts when those
identities are used. Depending on the systems that are available,
