Logical security

2.1 Summarize physical and logical security measures

📘CompTIA A+ Core 2 (220-1202)


Logical security refers to digital protections that control who can access data, applications, and systems. Unlike physical security (locks, cameras), logical security protects information in the IT environment using software and rules.


1. Principle of Least Privilege

  • Definition: Users, apps, and systems should have only the minimum access needed to do their job.
  • Purpose: Limits risk if an account is compromised.
  • Example in IT:
    • A junior IT technician can read server logs but cannot delete files.
    • A developer can push code to a testing environment, but not to production.

2. Zero Trust Model

  • Definition: “Never trust, always verify.” Every request to access a system must be authenticated and authorized, even if it comes from inside the network.
  • Purpose: Stops attackers who bypass the network perimeter.
  • Example in IT:
    • Employees logging into the company database from the office still need MFA to access sensitive information.

3. Access Control Lists (ACLs)

  • Definition: A list that specifies who can access a resource and what they can do (read, write, execute).
  • Purpose: Provides granular control over files, folders, or network resources.
  • Example in IT:
    • A shared folder on a server has an ACL that allows the Finance group to read/write, but all others only to read.

4. Multifactor Authentication (MFA)

  • Definition: Requires two or more verification methods to access an account.
  • Purpose: Blocks unauthorized access even when a single factor (for example, the password) has been stolen.
  • Types & IT examples:
    1. Email: A login link or code sent to a user’s email.
    2. Hardware token: A small device that generates a one-time code.
    3. Authenticator application: Apps like Microsoft Authenticator or Google Authenticator generate a TOTP code.
    4. SMS (Short Message Service): Code sent via text message.
    5. Voice call: Code delivered via automated phone call.
    6. TOTP (Time-based One-Time Password): Code changes every 30–60 seconds, used in authenticator apps.
    7. OTP (One-Time Password/Passcode): Single-use code sent to a device or app.

Tip for exam: Know that MFA combines two or more different factor types: something you know (password), something you have (token, phone), and something you are (biometrics).


5. Security Assertion Markup Language (SAML)

  • Definition: A standard for exchanging authentication and authorization data between systems.
  • Purpose: Allows secure identity verification between organizations or apps.
  • Example in IT:
    • Logging into Salesforce using your company’s credentials instead of creating a separate username.

6. Single Sign-On (SSO)

  • Definition: Users log in once and gain access to multiple systems without logging in again.
  • Purpose: Reduces password fatigue and improves security by centralizing authentication.
  • Example in IT:
    • Logging in to your corporate email, then immediately accessing Teams, SharePoint, and HR systems without entering passwords again.

7. Just-in-Time (JIT) Access

  • Definition: Temporary access is granted only when needed, then removed automatically.
  • Purpose: Limits unnecessary access to sensitive systems.
  • Example in IT:
    • A sysadmin gets temporary admin rights to a server for troubleshooting, and rights are revoked automatically after 2 hours.
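The ACL example in section 3 and the JIT example above describe the same mechanism from two angles: an access-control list grants permissions to users or groups, and a JIT grant is just an ACL entry with an expiry time. The following added example (not from the original notes) models a shared folder whose ACL gives the Finance group read/write and everyone else read, then issues a 2-hour temporary grant that stops applying on its own once the clock passes its expiry. It is deliberately default-deny and allow-only; real systems such as Windows NTFS also have explicit deny entries, which are not modelled here.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, FrozenSet, List, Optional, Set

ANYONE = "*"  # wildcard principal: matches every user


@dataclass
class AclEntry:
    principal: str                      # "alice", "group:Finance" or "*"
    permissions: FrozenSet[str]         # subset of {"read", "write", "execute"}
    expires_at: Optional[datetime] = None   # None = permanent; set for JIT grants

    def matches(self, user: str, groups: Dict[str, Set[str]]) -> bool:
        if self.principal == ANYONE or self.principal == user:
            return True
        if self.principal.startswith("group:"):
            return user in groups.get(self.principal[len("group:"):], set())
        return False

    def active(self, now: datetime) -> bool:
        return self.expires_at is None or now < self.expires_at


@dataclass
class Resource:
    name: str
    acl: List[AclEntry] = field(default_factory=list)


def effective_permissions(resource: Resource, user: str,
                          groups: Dict[str, Set[str]], now: datetime) -> FrozenSet[str]:
    """Union of all active, matching allow entries. No entry -> no access (default deny)."""
    allowed: Set[str] = set()
    for entry in resource.acl:
        if entry.active(now) and entry.matches(user, groups):
            allowed |= entry.permissions
    return frozenset(allowed)


def is_allowed(resource: Resource, user: str, action: str,
               groups: Dict[str, Set[str]], now: datetime) -> bool:
    return action in effective_permissions(resource, user, groups, now)


def grant_jit(resource: Resource, user: str, permissions: Set[str],
              hours: float, now: datetime) -> AclEntry:
    """Just-in-time access: an ACL entry that carries its own expiry, so
    revocation needs no later cleanup step to take effect."""
    entry = AclEntry(user, frozenset(permissions), now + timedelta(hours=hours))
    resource.acl.append(entry)
    return entry


# Constructed sample data (hypothetical users and groups).
GROUPS = {"Finance": {"alice", "bob"}}
SHARED = Resource("\\\\fileserver\\Finance", [
    AclEntry("group:Finance", frozenset({"read", "write"})),
    AclEntry(ANYONE, frozenset({"read"})),
])
T0 = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)


def jit_demo() -> Dict[str, bool]:
    """Carol (not in Finance) gets write access for 2 hours; check before, during, after."""
    folder = Resource(SHARED.name, list(SHARED.acl))
    before = is_allowed(folder, "carol", "write", GROUPS, T0)
    grant_jit(folder, "carol", {"write"}, hours=2, now=T0)
    during = is_allowed(folder, "carol", "write", GROUPS, T0 + timedelta(hours=1))
    after = is_allowed(folder, "carol", "write", GROUPS, T0 + timedelta(hours=2))
    return {"before": before, "during": during, "after": after}


if __name__ == "__main__":
    print("alice write:", is_allowed(SHARED, "alice", "write", GROUPS, T0))
    print("carol write:", is_allowed(SHARED, "carol", "write", GROUPS, T0))
    print("JIT timeline:", jit_demo())
```

Note that the JIT entry is never deleted; it simply stops matching once `now` reaches `expires_at`. Evaluating expiry at check time rather than relying on a scheduled cleanup job is what makes the revocation "automatic" in the sense the notes describe.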

8. Privileged Access Management (PAM)

  • Definition: Tools and processes to control and monitor high-level accounts (admins).
  • Purpose: Protects against misuse or compromise of critical accounts.
  • Example in IT:
    • Admin passwords are stored in a secure vault, and every action is logged for auditing.

9. Mobile Device Management (MDM)

  • Definition: Software that controls, monitors, and secures mobile devices in an organization.
  • Purpose: Ensures company data is safe on mobile devices.
  • Example in IT:
    • If a company phone is lost, the IT team can remotely wipe it.

10. Data Loss Prevention (DLP)

  • Definition: Tools and policies to prevent sensitive data from leaving the organization.
  • Purpose: Protects confidential information like financial data, personal info, and intellectual property.
  • Example in IT:
    • DLP software blocks sending company documents to personal email or USB drives.

11. Identity and Access Management (IAM)

  • Definition: A system that manages user identities and their access to resources.
  • Purpose: Ensures the right people have the right access at the right time.
  • Example in IT:
    • When a new employee joins, IAM creates accounts with the necessary permissions automatically. When they leave, access is removed.

12. Directory Services

  • Definition: Centralized databases that store user accounts, devices, and permissions.
  • Purpose: Helps manage large networks efficiently.
  • Example in IT:
    • Active Directory (AD) in Windows networks allows IT to create user accounts, set group policies, and control access to files and systems from one place.

Key Points for the Exam

  • Logical security protects digital resources.
  • Use least privilege and Zero Trust to limit risks.
  • ACLs, IAM, and directory services help control who can access what.
  • MFA, SSO, and SAML make authentication stronger and easier.
  • PAM, JIT, MDM, and DLP manage sensitive accounts and data.