2.1 Summarize physical and logical security measures
📘CompTIA A+ Core 2 (220-1202)
Physical access security is about controlling who can enter a building, room, or access sensitive IT equipment. It protects computers, servers, networking devices, and data from theft, damage, or unauthorized use.
Physical security is the first line of defense before logical or software security. Even the best passwords or antivirus are useless if someone can walk into a server room and steal a hard drive.
1. Access Control Tools
These tools control who gets in and when.
Key Fobs
- A small electronic device used to gain access.
- Often used with doors in server rooms or offices.
- Works by sending a unique electronic signal that the door reader recognizes.
- IT context: Each employee has their own fob; if it’s lost, access can be easily disabled without changing locks.
Smart Cards
- A plastic card with a chip that stores authentication data.
- Requires insertion into a card reader or tapping on a contactless reader.
- Often used for two-factor authentication: card + PIN.
- IT context: Accessing secure server rooms, data centers, or logging into corporate computers.
Mobile Digital Keys
- Digital keys stored on smartphones.
- Can unlock doors using Bluetooth, NFC, or Wi-Fi.
- Convenient and reduces the need for physical cards.
- IT context: Staff can use their mobile devices to enter restricted areas, with easy logging of who entered and when.
Keys
- Traditional physical metal keys.
- Still used for some server cabinets or restricted areas.
- IT context: Often a backup method if electronic systems fail.
2. Biometric Access Controls
Biometrics use unique physical or behavioral traits to verify identity. They are harder to duplicate than cards or keys.
Retina Scanner
- Scans the unique pattern of blood vessels in the back of the eye.
- Very accurate, hard to fake.
- IT context: Often used in high-security areas like data centers or research labs.
Fingerprint Scanner
- Reads the unique patterns of ridges and valleys on a finger.
- Popular because it’s fast and convenient.
- IT context: Unlocks laptops, mobile devices, or secure doors in offices.
Palm Print Scanner
- Scans the palm’s lines and ridges.
- Can also measure vein patterns for extra security.
- IT context: Used in high-security facilities or labs where fingerprint access isn’t enough.
Facial Recognition Technology (FRT)
- Uses cameras to recognize unique facial features.
- Works without contact—fast for multiple users.
- IT context: Can allow secure building access or monitor server room entry.
Voice Recognition Technology
- Analyzes unique voice patterns.
- Less common than fingerprint or facial scanners but useful for remote verification.
- IT context: Used for access to sensitive areas via intercom systems or for verifying identity over phones.
3. Environmental Physical Security
Lighting
- Bright, well-lit areas discourage unauthorized entry.
- Helps security cameras capture clear footage.
- IT context: Server rooms, data centers, and access corridors should be properly lit to prevent tampering or theft.
Magnetometers
- Detects metal objects on a person, like weapons or unauthorized devices.
- Often used at entrances of high-security buildings.
- IT context: Ensures no one brings prohibited devices (e.g., USB drives or laptops) into secure data rooms.
Summary for the Exam
- Key fobs, smart cards, mobile digital keys, and traditional keys control who can physically enter an area.
- Biometric methods (retina, fingerprint, palm, facial, voice) verify identity based on unique traits, making it hard for intruders to gain access.
- Environmental controls like lighting and magnetometers prevent unauthorized access or unsafe behavior in sensitive areas.
- These measures protect IT assets and data before any software or network protections even come into play.
