Home » Security Training and Tips » Domains of CISSP: Physical (Environmental) Security

Domains of CISSP: Physical (Environmental) Security

The Physical (Environmental) Security domain addresses the threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise’s resources and sensitive information. These resources include people, the facility in which they work, and the data, equipment, support systems, media, and supplies they utilize.

The candidate will be expected to know the elements involved in choosing a secure site, its design and configuration, and the methods for securing the facility against unauthorized access, theft of equipment and information, and the environmental and safety measures needed to protect people, the facility, and its resources.

Key Areas of Knowledge

  • Participate in site and facility design considerations
  • Support the implementation and operation of perimeter security (e.g., physical access control and monitoring, audit trails/access logs)
  • Support the implementation and operation of internal security (e.g., escort requirements/visitor control, keys and locks)
  • Support the implementation and operation of facilities security
    • Communications and server rooms
    • Restricted and work area security
    • Data center security
    • Utilities and HVAC considerations
    • Water issues (e.g., leakage, flooding)
    • Fire prevention, detection, and suppression
  • Support the protection and securing of equipment


About this author:


Mary is a leading trainer in Microsoft® and Business Applications.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.