Physical Access Controls
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified in Cybersecurity premium course — no separate purchase.
Included in this chapter:
- The deter, deny, detect, delay, respond chain
- Entry devices: locks, gates, badges, and credential strength
- Authorized vs unauthorized: tailgating, piggybacking, and the mantrap
- Monitoring, environmental design, and exam patterns
Building credentials and entry devices, weakest to strongest assurance
| Device | Key or combination lock | Proximity (prox) card | Smart card | Biometric reader |
|---|---|---|---|---|
| How it authenticates | Something you have (key) or know (combination) | Static RFID identifier read wirelessly | Embedded chip performing cryptographic check | Something you are (fingerprint, iris, face) |
| Resistance to cloning | Keys can be copied; combinations can be shared | Low, broadcasts a copyable identifier | High, chip keys cannot be skimmed and copied | High, but can be spoofed without liveness checks |
| Logs the individual | No, a key does not identify who used it | Yes, the card ID is recorded at the reader | Yes, the card ID is recorded at the reader | Yes, the person is identified directly |
| On loss or compromise | Re-key the lock or change the combination | Revoke the card ID in the system | Revoke the card ID in the system | Cannot be reissued, pair with a second factor |
| Stops tailgating | No, authenticates the credential, not the count | No, same gap | No, same gap | No, same gap |
Decision tree
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.