NIST Cybersecurity Framework and Security Measures
1. Identify function first step: Create an inventory of physical assets within the substation
(NIST ID.AM-1).
2. Prioritize assets in Identify function: Based on criticality or value to business functions (NIST
ID.BE-3).
3. Goal of Protect function: Manage access to authorized devices and resources; control physical
access (NIST PR.AC-1, PR.AC-2).
4. Detect anomalies: Use systems that monitor activity and identify events impact- ing
operations (NIST DE.CM-2, DE.CM-3).
5. Respond function requirement: A response plan for breaches or anomalies to mitigate impacts
(NIST RS.AN-1, RS.CO-4).
6. Purpose of Recover function: Develop recovery steps and plans for breaches to restore
operations (NIST RC.RP-1).
7. Outer perimeter definition: The legal or physical line marking the boundary for movement
control.
8. Inner perimeter contents: Physical barriers such as walls, doors, and windows.
9. Interior perimeter purpose: Secures the innermost areas like offices and cubi- cles.
10.Access control subsystems: Monitoring systems, video surveillance, and in- trusion
detection systems.
11.Types of access-control gates: Sliding gates and swinging gates.
12.Key factors in authentication: Knowledge, possession, inherence, and loca- tion.
13.Type 1 and Type 2 authentication failures: Type 1: False rejection; Type 2: False
acceptance.
14.CPTED definition: Principles that use design to anticipate and discourage intrusions.
15.Benefits of security guards: They provide judgment, deterrence, and timely intervention.
16.Varifocal vs fixed lenses: Varifocal can refocus; fixed lenses cannot.
17.Use of a telephoto lens: Detailed viewing over long distances.
1/
3
1. Identify function first step: Create an inventory of physical assets within the substation
(NIST ID.AM-1).
2. Prioritize assets in Identify function: Based on criticality or value to business functions (NIST
ID.BE-3).
3. Goal of Protect function: Manage access to authorized devices and resources; control physical
access (NIST PR.AC-1, PR.AC-2).
4. Detect anomalies: Use systems that monitor activity and identify events impact- ing
operations (NIST DE.CM-2, DE.CM-3).
5. Respond function requirement: A response plan for breaches or anomalies to mitigate impacts
(NIST RS.AN-1, RS.CO-4).
6. Purpose of Recover function: Develop recovery steps and plans for breaches to restore
operations (NIST RC.RP-1).
7. Outer perimeter definition: The legal or physical line marking the boundary for movement
control.
8. Inner perimeter contents: Physical barriers such as walls, doors, and windows.
9. Interior perimeter purpose: Secures the innermost areas like offices and cubi- cles.
10.Access control subsystems: Monitoring systems, video surveillance, and in- trusion
detection systems.
11.Types of access-control gates: Sliding gates and swinging gates.
12.Key factors in authentication: Knowledge, possession, inherence, and loca- tion.
13.Type 1 and Type 2 authentication failures: Type 1: False rejection; Type 2: False
acceptance.
14.CPTED definition: Principles that use design to anticipate and discourage intrusions.
15.Benefits of security guards: They provide judgment, deterrence, and timely intervention.
16.Varifocal vs fixed lenses: Varifocal can refocus; fixed lenses cannot.
17.Use of a telephoto lens: Detailed viewing over long distances.
1/
3
