Which control includes installing devices like firewalls, IDS, IPS, authentication schemes, encryption, auditing or monitoring software, and more?

These measures fall under logical controls, which are security measures implemented through technology and software/hardware configurations to enforce access, protect data, and monitor activity. Firewalls, intrusion detection and prevention systems, authentication schemes, encryption, and auditing or monitoring software are all technical controls that operate the system’s security logic, controlling how data flows and who can do what. Physical controls, in contrast, are tangible barriers like locks, fences, and guards. Administrative controls cover policies, procedures, and governance—things like security policies, user training, access reviews, and incident response processes. Organizational security policies are the written rules that support those administrative measures. Because the items described are activated and enforced by devices and software, they are best classified as logical controls.