Before exploring access controls, let's discover some important terms in security controls. By definition, a control as a noun means an entity that checks based on a standard. Security controls are divided into three main categories:
- Management security controls: These use managerial techniques and planning to reduce the following risks:
- Vulnerability analysis
- Pentesting
- Risk analysis
- Technical security controls: This is also known as operational security controls. They use both technologies and awareness as safeguards. These are some examples:
- Firewalls
- Encryption
- Intrusion detection systems
- Antivirus
- Training
- Physical security controls: These are the physical safeguards used to protect the following data:
- Cameras
- Gates
- Biometrics
- Sensors
![](https://static.packt-cdn.com/products/9781788624480/graphics/assets/e9f9ca71-e4cd-45fc-84eb-60771f4d9131.png)