Security Versus Personal Safety

Posted by in Security+ | 0 comments

If you’re planning on taking the Security+ exam, you should have a basic understanding of implementing environmental controls that directly contribute to the availability of systems and understand when to consider value of personal safety.

For example, can you answer this question?

Q. An attacker was able to sneak into your building but was unable to open the server room door. He bashed the proximity badge reader with a portable fire extinguisher and the door opened. What is the MOST likely reason that the door opened?

A. The access system was designed to fail-open.

B. The access system was designed to fail-close.

C. The access system was improperly installed.

D. The portable fire extinguisher included a proximity badge.

More, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation is available at the end of this post.

Full Security+ (SY0-401) Course

Full Security+ Course Now Available

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

  • Introduction
  • About the exam (including types of questions and strategies for performance-based questions)
  • 100 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 20 practice test questions)
  • Exploring Control Types and Methods (full content from Chapter 2 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Basic Network Security (full content from Chapter 3 of the study guide including the exam topic review and 20 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 20 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Malware and Social Engineering (full content from Chapter 6 of the study guide including the exam topic review and 20 practice test questions)
  • Identifying Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 20 practice test questions)
  • Managing Risk (full content from Chapter 8 of the study guide including the exam topic review and 20 practice test questions)
  • Preparing for Business Continuity (full content from Chapter 9 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Cryptography (full content from Chapter 10 of the study guide including the exam topic review and 20 practice test questions)
  • Exploring Operational Security (full content from Chapter 11 of the study guide including the exam topic review and 20 practice test questions)
  • 100 question post-assessment exam
  • Security+ Acronyms

Get the Full Security+ Course Here

 Full Security+ Course Now Available


Test your readiness with these quality materials

Random 100-question tests

Random practice tests from the all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

34 Simulated Performance-based Questions

Eight sets of performance-based questions with multiple questions in each set. These questions help you understand and prepare for performance based questions.

22 Realistic Performance-based Questions

Two new sets of performance-based questions with a total of 22 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 273 Security+ Flashcards to reinforce key testable concepts
  • 280 Security+ acronyms flashcards to help you master the required acronyms
  • 204 Security+ Remember This slides

Audio - SY0-401 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 15 minutes of audio (MP3 downloads.)

Audio - SY0-401 Security+ Question and Answer Audio Files

Learn by Listening. Over three hours hour and 15 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. Over one hour and 15 minutes of additional audio.

Bonus #2

Subnetting mini-tutorial that will help you answer two key question types:
  • Identify how many hosts a subnet supports
  • Identify valid IP addresses within a subnet

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the Full Security+ Course Here

Fail-Safe Versus Fail-Open

Many times, it’s important to consider the state of a system if it fails. You can often force a system to fail in an open state, or to fail in a safe or secure state. The terms fail-safe, fail-secure, and fail-close all mean the same thing. The state you choose is often dependent on the needs of the organization.

For example, you may have a system that requires high availability, but security isn’t as important. If it fails, you would want it to fail in an open state so that it remains available.

Consider an exit door secured with a proximity card. Normally, employees open the door with the proximity card and the system records their exit. The proximity card provides security, but you need the exit to remain highly available.

Security Versus Personal Safety

What happens if a fire starts and power to the building is lost? The proximity card reader won’t work, and if the door can’t open, employees will be trapped. In this case, you would want the proximity card reader to fail in the fail-open state so that personnel can get out. The value of personnel safety is always paramount. Of course, this does introduce a vulnerability. An attacker might be able to access a secure data center by destroying a proximity card reader.

On the other hand, consider a firewall used to provide security for a network. In this case, security is more important than availability. For example, if a firewall access control list (ACL) became corrupt, you would want it to fail in a fail-safe or secure mode. Essentially, it would block all traffic and continue to provide security for the network.

CompTIA Security+ Study Guide

The 401 Version of the Study Guide

SY0-401 Study GuideThe CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide is an update to the top-selling SY0-201 and SY0-301 study guides, which have helped thousands of readers pass the exam the first time they took it.

CompTIA Authorized Quality Content (CAQC)After a comprehensive review by ProCert Labs, the SY0-401 version has been certified as CompTIA Approved Quality Content (CAQC) and covers every aspect of the SY0-401 exam.

It includes the same elements readers raved about in the previous two versions.

Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.

You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.


Click for Free Preview


Over 400 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:

  • A 100 question pre-test
  • A 100 question post-test
  • Practice test questions at the end of every chapter.

Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-401 study guide is for any IT or security professional interested in advancing in their field, and a must read for anyone striving to master the basics of IT security.

Kindle edition also available.

Are you looking for SYO-501 Study Guide?

The 501 Version of the Study Guide is Now Available. Click Here.

Fire Suppression

You can fight fires with individual fire extinguishers, with fixed systems, or both. Most organizations included fixed systems to control fires and place portable fire extinguishers in different areas around the organization. A fixed system can detect a fire and automatically activate to extinguish the fire. Individuals use portable fire extinguishers to suppress small fires.

The different components of a fire are heat, oxygen, fuel, and a chain reaction creating the fire. Fire suppression methods attempt to remove or disrupt one of these elements to extinguish a fire. You can extinguish a fire using one of these methods:

  • Remove the heat. Fire extinguishers commonly use chemical agents or water to remove the heat. However, water should never be used on an electrical fire.
  • Remove the oxygen. Many methods use a gas, such as carbon dioxide (CO2) to displace the oxygen. This is a common method of fighting electrical fires because CO2 and similar gasses are harmless to electrical equipment.
  • Remove the fuel. Fire-suppression methods don’t typically fight a fire this way, but of course, the fire will go out once all the material is burned.
  • Disrupt the chain reaction. Some chemicals can disrupt the chain reaction of fires to stop them.

Get Certified Get Ahead

The class of fire often determines what element of the fire you will try to remove or disrupt. Within the United States, fires are categorized in one of the following fire classes:

  • Class A—Ordinary combustibles. These include wood, paper, cloth, rubber, trash, and plastics.
  • Class B—Flammable liquids. These include gasoline, propane, solvents, oil, paint, lacquers, and other synthetics or oil-based products.
  • Class C—Electrical equipment. This includes computers, wiring, controls, motors, and appliances. The CompTIA Security+ exam is computer-centric, so you should especially understand that a Class C fire is from electrical equipment. You should not fight Class C fires with water or water-based materials, such as foam, because the water is conductive and can pose significant risks to personnel.
  • Class D—Combustible metals. This includes metals such as magnesium, lithium, titanium, and sodium. Once they start to burn, they are much more difficult to extinguish than other materials.

You can extinguish a Class A fire with water to remove the heat. However, water makes things much worse if you use it on any of the other classes. For example, using water on live equipment actually poses a risk because electricity can travel up the water stream and shock you. Additionally, water damages electrical equipment.


Full Security+ (SY0-401) Course

Full Security+ Course Now Available

Helping you Pass the First Time

Online access includes all of the content from the

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

  • Introduction
  • About the exam (including types of questions and strategies for performance-based questions)
  • 100 question pre-assessment exam
  • Mastering Security Basics (full content from Chapter 1 of the study guide including the exam topic review and 20 practice test questions)
  • Exploring Control Types and Methods (full content from Chapter 2 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Basic Network Security (full content from Chapter 3 of the study guide including the exam topic review and 20 practice test questions)
  • Securing Your Network (full content from Chapter 4 of the study guide including the exam topic review and 20 practice test questions)
  • Securing Hosts and Data (full content from Chapter 5 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Malware and Social Engineering (full content from Chapter 6 of the study guide including the exam topic review and 20 practice test questions)
  • Identifying Advanced Attacks (full content from Chapter 7 of the study guide including the exam topic review and 20 practice test questions)
  • Managing Risk (full content from Chapter 8 of the study guide including the exam topic review and 20 practice test questions)
  • Preparing for Business Continuity (full content from Chapter 9 of the study guide including the exam topic review and 20 practice test questions)
  • Understanding Cryptography (full content from Chapter 10 of the study guide including the exam topic review and 20 practice test questions)
  • Exploring Operational Security (full content from Chapter 11 of the study guide including the exam topic review and 20 practice test questions)
  • 100 question post-assessment exam
  • Security+ Acronyms

Get the Full Security+ Course Here

 Full Security+ Course Now Available


Test your readiness with these quality materials

Random 100-question tests

Random practice tests from the all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. All questions include explanations so you'll know why the correct answers are correct, and why the incorrect answers are incorrect.

34 Simulated Performance-based Questions

Eight sets of performance-based questions with multiple questions in each set. These questions help you understand and prepare for performance based questions.

22 Realistic Performance-based Questions

Two new sets of performance-based questions with a total of 22 questions. These new questions use a new testing engine that includes realistic drag and drop, matching, sorting, and fill in the blank questions.

Flashcard Set

  • 273 Security+ Flashcards to reinforce key testable concepts
  • 280 Security+ acronyms flashcards to help you master the required acronyms
  • 204 Security+ Remember This slides

Audio - SY0-401 Security+ Remember This Audio Files

Learn by Listening. Over one hour and 15 minutes of audio (MP3 downloads.)

Audio - SY0-401 Security+ Question and Answer Audio Files

Learn by Listening. Over three hours hour and 15 minutes of audio (MP3 downloads.)

Bonus #1

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide. Over one hour and 15 minutes of additional audio.

Bonus #2

Subnetting mini-tutorial that will help you answer two key question types:
  • Identify how many hosts a subnet supports
  • Identify valid IP addresses within a subnet

Bonus #3 

Access the study materials for a total of 60 days because sometimes life happens.

Get the Full Security+ Course Here

Q. An attacker was able to sneak into your building but was unable to open the server room door. He bashed the proximity badge reader with a portable fire extinguisher and the door opened. What is the MOST likely reason that the door opened?

A. The access system was designed to fail-open.

B. The access system was designed to fail-close.

C. The access system was improperly installed.

D. The portable fire extinguisher included a proximity badge.

Answer is A. In this scenario, the most likely reason that the door opened was because the access system was designed to fail-open for personnel safety.

If the system was designed to fail-close, then employees would be trapped inside during a fire or other disaster.

Nothing in the scenario indicates the system was improperly installed.

A fire extinguisher would not include a proximity badge, and it wouldn’t work if the proximity reader was destroyed.

See Chapter 9 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide for more information on implementing  environmental controls.

Leave a Comment

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.  This excerpt includes the introduction and Chapter 1.

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.