An organization has installed card readers and a mantrap at the main entrance of its on-premises data center. Swipe records are forwarded to the access-control server and reviewed during weekly audits, but a recent red-team exercise showed that an attacker with a stolen badge was able to step through both doors before the anomaly was detected. Which additional control would best provide real-time enforcement of the approved access list and an immediate response to suspicious behavior at the entrance?
Forward card-reader events to the SIEM in real time for correlation with intrusion-detection logs.
Upgrade the card readers to require a PIN plus RFID badge before unlocking each door.
Station trained security guards at the mantrap to validate IDs and escort visitors.
Install RF shielding around the data-center walls to block wireless eavesdropping.
Trained security guards are an active physical access control. They can verify each person's identification against the authorized access roster before either door in the mantrap is released, escort approved visitors, and challenge or detain individuals whose credentials appear suspicious-delivering the real-time enforcement and incident response the scenario calls for. Forwarding badge events to a SIEM or upgrading readers to require a PIN improves detection or authentication but still relies on automated doors that cannot physically stop or question an intruder once access is granted. RF shielding defends against signal leakage, not unauthorized entry, and does nothing to enforce an access list.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a mantrap and how does it enhance security?
Open an interactive chat with Bash
How do trained security guards improve real-time enforcement in a mantrap?
Open an interactive chat with Bash
What is the role of a SIEM in access control, and why wasn’t it the best solution here?