Network Security

Jaime D. Chavez

D03134773

Homework Week 3

Technical Controls Document

Practices for Administration of

Physical and Operational Security

November 12, 2014

1) How could administrative, technical and physical controls introduce a false sense of security?

Let’s define key facts before we establish a proper answer for this question. Technical controls

use technology as a basis for controlling the access and usage of sensitive data throughout a

physical structure and over a network i.e. encryptions, smart cards (Common Access Card).

There is another type of technical controls such as logical controls which use software and

data to monitor and control access to information and computing systems such firewalls,

encrypted password. Administrative controls play a very important role since they consist of

organizational policies and guidelines that help minimize the exposure of an organization. They

provide a framework by which an organization can manage and inform its people how they

should conduct themselves while they are at workplace and provide clear steps employees can

take when they are confronted with a potentially precarious situation. There is a variety of

examples of administrative controls such as the corporate security polices implemented in an

established organization. With that said, a false of security can be easily introduced due to the

sense users will perceive with the use of methods previously spoken for instance the security

password. Certain methods will give the sense of security to the users, although in real time

scenario the chance of the security password being compromised by non-authorized user is

very likely. Since, there are several policies in place that ensure security awareness using the

administrative control we have talked about that are driven by organizations objectives rather

than just a simple guess, it could lead to have policies that are very secure that will be

disregarded by personnel...