Smart cards and firewalls are what type of access control?

Question

Specifically for the CISSP, trying to figure out what type of access control these would be considered.

score 1 · Answer 1 · answered Jan 08 '15 at 02:11

Short answer: Both smart cards and firewalls would be considered technical access controls.

There are three types of access control as defined by ISC2, technical, administrative, and physical. Physical includes badge readers, physical locks, etc. Administrative would be policies or procedures about access. Technical includes hardware or software systems which provide access control.

score -1 · Answer 2 · answered Feb 26 '17 at 09:01

The above is correct, but my understanding is that they could also could be considered a physical control. "If you can hit your head on it, or drop it on your foot, it's a physical control". If you have an actual rack mounted firewall, for example, that device is a physical control. The software inside would be a technical control.

Smart cards and firewalls are what type of access control?

2 Answers2