Physical Security Controls - Locks Lab

#physical_security

Written Lab Report

  1. In your own words, explain the purpose of physical security controls and why understanding their vulnerabilities is important.
    The purpose of physical security controls is to prevent attackers from accessing or tampering with physical hardware and restricted areas. In many systems, gaining physical access can completely compromise security, since an attacker can bypass software protections. Understanding physical vulnerabilities is important because it helps us reduce the risk of someone manipulating or damaging systems at the hardware level.

  2. Describe your experience with lock picking. What techniques did you use? What challenges did you encounter?
    This was my first time lock picking, and I really enjoyed it. I even started thinking about getting my own lock-picking set because it was so fun. I used both single-pin picking and raking. I noticed that with the proper raking tool, opening the locks became much easier, at least for the locks we tested. The hardest part for me was applying the right amount of tension with the turning tool without causing the pins to bind, but overall I found the process simple and very interesting.

  3. Reflect on the ethical considerations of learning lock picking. Why is it important to approach this skill with a strong ethical foundation?
    The impact of this skill is significant. By learning lock picking, you gain the ability to access many common locks, which could easily be misused. That is why it is very important to approach this ability with a strong ethical foundation. Even though it is fun to learn, the goal is to use it responsibly for education and security purposes, not to commit any crime.

  4. Describe any insights you gained from working with your group. How did collaboration help you understand the process better?
    Working with my group was a great experience. I was able to help others with lock picking, and since we had different types of locks, we could exchange them and observe different techniques. Seeing how others approached the same problem helped me understand the process better, and having a group made the experience much more engaging and enjoyable.

  5. What is the primary purpose of physical security controls?
    The primary purpose of physical security controls is to prevent unauthorized individuals from accessing physical locations, equipment, or hardware that they are not supposed to enter or manipulate.

  6. Why is it essential to understand lock vulnerabilities from a cybersecurity perspective?
    It is essential because physical access often leads directly to digital compromise. If an attacker can bypass a lock, they may gain access to servers, network devices, or sensitive systems. Understanding lock vulnerabilities helps cybersecurity professionals identify weaknesses that could be exploited and strengthen the overall security of an organization.

  7. Describe the difference between raking and single-pin picking. Which technique did you find more effective?
    Single-pin picking focuses on setting each pin individually, which requires more skill and time but is very reliable. I found this technique very effective since I was able to open three different locks with it, and it felt very rewarding to succeed with it.

    Raking is more of a fast, brute-force technique that uses a special tool to quickly move multiple pins at once. It also worked well on our locks, but it depends more on having the right tool. Overall, both techniques were effective, but I preferred single-pin picking because it felt more precise and consistent.

  8. How could the knowledge of lock picking be applied in a penetration test?
    This knowledge can be used in a physical penetration test to identify physical vulnerabilities. By attempting to pick locks in a controlled and authorized environment, testers can evaluate how easily unauthorized access could occur and determine where physical security needs to be improved.

  9. What are the potential risks associated with acquiring lock-picking skills?
    One major risk is that these skills could be misused to access unauthorized rooms, equipment, or sensitive areas. This could lead to theft, damage, exposure of confidential information, or disruption of critical operations. That is why it is important to use these skills responsibly.