🔐

Logical Security

Sep 4, 2025

Overview

This lecture covers key logical security concepts, including least privilege, access control lists (ACLs), authentication factors, and methods of protecting against unsolicited email and malware.

Least Privilege

  • Least privilege means providing users only the minimum access needed to perform their job functions.
  • Restricting privileges limits the damage malware can do if installed on a user’s system.
  • Users should not be given administrative rights unless absolutely necessary.

Access Control Lists (ACLs)

  • ACLs are lists of rules used to allow or deny network traffic or access to resources.
  • Common criteria for ACLs include source/destination IP, TCP/UDP ports, and protocol type.
  • ACLs filter each packet to decide whether to permit or deny it at network devices or within operating systems.
  • Operating system ACLs can control access to files, directories, or applications.

Authentication Factors

  • Authentication typically uses a username and a password as proof of identity.
  • Types of authentication factors: something you know (password), something you have (token/device), something you are (biometrics), somewhere you are (location), or something you do (behavior).
  • Hardware or software token generators create time-based codes for multi-factor authentication.
  • SMS-based authentication sends a code via text message but is vulnerable to interception and SIM swapping.
  • Voice call authentication delivers codes by phone call but shares the same vulnerabilities as SMS.

Blocking Unsolicited Email

  • Organizations use email gateways to filter and block unsolicited or potentially malicious emails.
  • Filtering can be managed in-house or via cloud-based solutions, which scan attachments for threats and determine what action to take.

Key Terms & Definitions

  • Least Privilege — Limiting user access rights to only what is required for their job.
  • Access Control List (ACL) — A set of rules that controls network or system resource permissions.
  • Authentication Factor — A method of confirming a user’s identity, usually by something known, owned, or inherent.

Action Items / Next Steps

  • Review your organization's policies on setting user permissions and authentication methods.
  • Read about additional authentication methods and best practices for secure email filtering.