cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
yanny2001
Viewer II

Is a badge reader Logical control or Physical control?

Hi everyone, I am studying Chapter 1: Security Principles and having a question that whether a badge reader is considered as techical (logical) access control or physical access control? As the flash cards said that "In modern organizations, many physical control systems are linked to technical/logical systems, such as badge readers connected to door locks." But some internet source said that badge readers are techical (logical) access control. I am confused and would like to get a correct answer please. 

3 Replies
Early_Adopter
Community Champion

This is where you need to discern best fit/worst fit.

Here my quick thought process, first I’d look at the other answers and try to rule them out.



Then I’d consider the physical environment first. Is it the reader that stop the improper access or is it the door? Mantrap? Lots of men, Dog and guns? A big open space with lots of thermal cameras…?

Then to the badge reader - is it something that is the actual control, or something that facilitates it? Well - I’d say the Door is the most obvious physical control, and the card reader is a component of the Badge Access control system - it helps identify, authenticate and check authority of the person accessing the location. It also has accounting and may also do biometrics/pin. This though in view I’d be leaning towards a technical/logical control - plu

So is it?

deterrent, preventive, detective, and corrective

Or don’t those for and it’s one of:

Physical, Administrative or technical?

Well it’s obviously blended… so what’s it most like? I’d mine the text of the question or scenario as that gives the most satisfactory answer. Now I can’t give you the right answer, but the CISSP exam isn’t really about being right every time, but a process that statistically moves you over the threshold needed.

OK, stinking my neck out Is say it’s technical As it’s part of a system that uses NFCs, chip reader, ACL, identity, authentication, authorisation and it automates its process.

It’s not administrative as that would be policy, process and people and could config the tech control or purchase the sturdy, locking door.

Recapitulating - Sure it’s a physical but the locked door is more physical.

So answer is technical control(part thereof - and I’m completely happy to be proven wrong with a different/better rationale.

Hope this helps and if you give up absolute certainty but think in the balance of probabilities you’ll find the exam easier psychologically..

One last thing… What did you think? Why did you think that? How would you write a question to test what somebody thinks about this? If you do this you can think your way a tiny bit into the head of the person writing questions - expensive in time - but CAT means accuracy > Speed, you have the time so use it if you can - also you have a pen and pad - use these they Crystallise your thoughts.

Rosie7
Viewer

In the cc self-paced course, badge readers are included as an example in the logical access control system definition, but later in the same course, a badge reader is used as an example for a physical access control system. I think it depends on how the badge reader is being used.

Early_Adopter
Community Champion

Logical is probably the best fit because the badge reader is an input device for the Access Management System, it won’t stop/delay you physically(the door it opens will do that).

Do read the question and make sure you have a clear grasp of the context and that you comprehend it well, is the best advice in the actual exam - something might change your answer correctly or even incorrectly and your knowing why you changed it(i’e. You have a good rationale is going to help a lot).

Least bad, most good answers…