Which of the following best describes a mantrap?

Try the new Google Books

Check out the new look and enjoy easier access to your favorite features

In this sample chapter from CompTIA A+ Core 1 (220-1001) and Core 2 (220-1002) Cert Guide, 5th Edition, you will review exam objectives related to security, including physical security measures, logical security concepts, wireless security protocols and authentication, social engineering threats and vulnerabilities, best practices to secure a workstation, and more.

This chapter covers the 10 A+ 220-1002 exam objectives related to security. These objectives may comprise 24 percent of the exam questions:

• Core 2 (220-1002): Objective 2.1: Summarize the importance of physical security measures.

• Core 2 (220-1002): Objective 2.2: Explain logical security concepts.

• Core 2 (220-1002): Objective 2.3: Compare and contrast wireless security protocols and authentication methods.

• Core 2 (220-1002): Objective 2.4: Given a scenario, detect, remove, and prevent malware using appropriate tools and methods.

• Core 2 (220-1002): Objective 2.5: Compare and contrast social engineering, threats, and vulnerabilities.

• Core 2 (220-1002): Objective 2.6: Compare and contrast the differences of basic Microsoft Windows OS security settings.

• Core 2 (220-1002): Objective 2.7: Given a scenario, implement security best practices to secure a workstation.

• Core 2 (220-1002): Objective 2.8: Given a scenario, implement methods for securing mobile devices.

• Core 2 (220-1002): Objective 2.9: Given a scenario, implement appropriate data destruction and disposal methods.

• Core 2 (220-1002): Objective 2.10: Given a scenario, configure security on SOHO wireless and wired networks.

The most important asset most companies own is their data. Data has become so important to business success that it is what most thieves seek. Because of the interconnected nature of the Internet, a security breach of a single device or network can lead to data theft, including the theft of client financial data that can greatly affect the lives of millions. Large-scale data breaches have brought large companies to bankruptcy, so data security is among the top concerns of business leadership. In this chapter, you learn about the multifaceted threats to security in the modern computing environment and how to mitigate them through the study of these CompTIA A+ Core 2 objectives. This chapter covers the following topics:

• Physical security measures: Physical security practices and their implementation.

• Logical security concepts: Software-based security measures.

• Wireless security protocols and authentication: Types of wireless security and authentication.

• Malware removal and prevention: Methods and protocols for detection and prevention.

• Social engineering threats and vulnerabilities: The various types of threats.

• Microsoft Windows OS security settings: The important Microsoft security settings.

• Security best practices to secure a workstation: Implementation of best practices.

• Securing mobile devices: Implementation methods for securing devices.

• Data destruction and disposal: Methods and techniques for safely and securely disposing of hardware.

• Configuring security on SOHO networks: Methods for configuring SOHO security.

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz allows you to assess whether you should read the entire chapter. Table 7-1 lists the major headings in this chapter and the “Do I Know This Already?” quiz questions covering the material in those headings so you can assess your knowledge of these specific areas. The answers to the “Do I Know This Already?” quiz appear in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Review Question Sections.”

Table 7-1 “Do I Know This Already?” Section-to-Question Mapping

1. What kind of security breach is a mantrap designed to foil?

• a. Biometric

• b. Tailgating

• c. Sleeping guard

• d. Shoulder surfing

2. Say that you have been asked to improve security by adding a system to examine network packets to determine whether they should be forwarded or blocked. What is the function you would be most likely to add?

• a. MAC address filtering

• b. MAC address cloning

• c. Software firewall

• d. Multifactor authentication

3. Which of the following is the most secure wireless protocol in use today?

• a. WEP

• b. WEP3

• c. TKIP

• d. WPA2

4. A user has unwittingly downloaded malware while also downloading a free application on a gaming site. What general term describes the unintentionally downloaded file?

• a. Worm

• b. Trojan

• c. Ransomware

• d. Botnet

5. Several computers on a network have been commandeered to launch an attack on a server on the Web. Which term best describes this situation?

• a. Phishing

• b. DoS

• c. Spoofing

• d. DDoS

6. Which setting allows the user the most privileges on a Windows network?

• a. Modify

• b. Read and Execute

• c. Ultimate Use

• d. Write

7. Which is the best example of a strong password?

• a. dr0wssap

• b. Password9

• c. Pa5SwoRd5

• d. pA55wrds

8. Which of the following is not an example of biometric authentication?

• a. Entering a password and answering a secret question

• b. Apple FACE ID

• c. Windows Hello

• d. Touch ID

9. Which method erases storage media but leaves the device intact?

• a. Data shredding

• b. Degaussing

• c. BitLocking

• d. Incineration

10. To help hide the identity of a wireless router, what should be changed from the default setting?

• a. Private IP address

• b. MAC address filter

• c. IP default gateway

• d. Service set identifier

Foundation Topics

There are some cases in which serious access control measures are necessary, such as the entrance into a secure or sanitized room or facility. In those cases, mantraps are a potential solution. While these access control systems require a hefty upfront investment, they can be used to prevent unauthorized access to an even more valuable facility. This guide explains everything you need to know about mantraps.

What is a mantrap?

A mantrap is a physical security system consisting of an enclosed space between two sets of interlocking doors, where one door must close before the second door can be unlocked and opened. This highly secure system briefly traps an individual inside a small room so their identity can be verified through an additional layer of security, or to ensure they are not bringing any potential contaminants into a sterile environment or out of a hazardous materials laboratory.

Granting or denying access through the second locked door is often the responsibility of a stationed guard who can assist in verifying an individual’s credentials, or through automated security checks that utilize keycards, biometrics, passwords, and other multifactor authentication methods.

Mantraps can be expensive to purchase and often require a great deal of costly modification to an existing facility, but their costs may be quite minimal compared to the potential damage caused by an unauthorized individual gaining access to your most valuable data or hardware.

According to IBM Security and the Ponemon Institute’s 2020 Cost of a Data Breach Report, approximately 80% of data breaches involved the theft of customer’s personally identifiable information. While this may sound like a cybersecurity issue, the report also notes that 10% of the breaches in the study were the result of a physical security compromise, with an average cost of $4.36 million per breach. Many, if not all, of these physical security data breaches could have been avoided with the use of a mantrap to limit access to secure hardware.

How do mantraps work in access control?

In terms of access control systems for businesses, a mantrap is implemented for the purpose of restricting the entry and exit to and from the most secure areas of a facility.

An authorized individual must first gain entry through the perimeter door, using any number of potential ID verification technologies, such as a PIN code, fingerprint scanner, or smartphone. Once they pass through the door into the vestibule, the entry door must be closed and locked before they can attempt to bypass the second secured door using another method of ID verification. This is typically a more stringent authentication method than the perimeter door uses. With the exception of an emergency situation such as a fire or evacuation, there is no case in which both doors can be left open at the same time. This ensures that the regular passage in and out of a mantrap is slow and controlled.

The ways each door can be unlocked are one of the main differentiators between mantrap systems. The most secure options require an individual to use some form of multifactor authentication to gain entry through the first door, where they might be viewed on camera or greeted by a security guard who will control their access to the second door. Other systems are fully automated.

Where are mantraps used?

Mantraps are more common than you may realize. You could expect to see a mantrap in airlocks, cleanrooms, research labs, data centers, military facilities, casinos, banks, and other highly secure areas or sterile environments. They are typically used to protect highly valuable data or assets from theft or manipulation. Each of these access control systems can only function properly when used in conjunction with the appropriate security protocols.

One of the most frequent and rudimentary applications of an access control vestibule can be found at your local dog park. Most dog park entrances feature two simple locking gates with an open space to ensure no animals can easily escape each time a new visitor attempts to enter the park. While the level of security and ID verification is practically nonexistent – you typically just need to have thumbs to open the gates – it works primarily on the same access control principle as the more complex systems. This type of access control system dates back to the Middle Ages, when a set of heavy portcullis gates was often used to keep a visitor trapped until their identity could be verified. 

Editor’s note: Looking for the best access control solution for your business? Fill out the below questionnaire to have our vendor partners contact you about your needs.

Benefits of mantraps

Mantraps are among the best ways to restrict movement in and out of any secure facility. While access cards can be cloned and passwords may be hacked, the additional security of these multilayer systems can highly mitigate the risks of a break-in or unauthorized access. While an unauthorized individual could conceivably breach the first door, this may prevent them from unlocking the second door, potentially trapping them inside until the proper authorities can escort them out. This level of security alongside the threat of being detained serves as a strong deterrent to would-be thieves.

The authentication required to cross through the entire system can be used to create a comprehensive audit trail for personnel and guests, letting you know precisely who has gained entry and the exact moment they interacted with each of your security measures.

Mantraps can also be used in conjunction with additional business security system features, such as metal detectors, multifactor authentication, biometric scanners, stationed guards, video monitoring, PINs, environmental hazard detection, and even infrared beams or scales to ensure that only one person is entering the vestibule at a time.

Drawbacks of mantraps

Mantraps are far from the most affordable smart security systems; in fact, they are very expensive to install and typically require heavy modifications to existing facilities. The basic equipment can cost $30,000 to $60,000, depending on the sophistication and locking mechanisms. Once installed, they can make it difficult to transport large equipment, remove waste or pass regular deliveries to the more secure areas of your facility.

To function at their most stringent level of access control, these systems also require full-time monitoring with a stationed guard, which increases their operating expenses greatly. If not designed, installed, and managed properly, they may also present a significant safety risk to approved individuals inside your facility. It is especially important that this type of access control system is always up to fire code regulations, with an exit that can unlock quickly in case of fire or other emergency evacuation scenarios. It is also critical that anyone with authorization through these systems receives the proper training to leave the premises safely and quickly in case of an emergency.

Without a stationed security guard or other scanning technology, it could still be possible for multiple people to gain access by piggybacking or tailgating off an authorized individual’s credentials, whether the authorized individual has provided their credentials voluntarily or not. But with the proper staff and technology, a one-person-only access control system is relatively easy to maintain.

Jeff Hale

business.com Contributing Writer

Jeff Hale is a writer and editor based in San Diego with a background in business development and marketing. He has identified new market opportunities for Fortune 500 companies and developed communications strategies and digital branding for tech startups and small businesses. Jeff covers emerging technologies and business solutions with a focus on efficiency and growth. He holds a Bachelor’s degree in English from the University of California, Irvine, and an MBA from Chapman University.