Memory cues
| Control | Cue |
|---|---|
| A.7.1 Physical Security Perimeters | Define the protected physical zones |
| A.7.2 Physical Entry | Control who crosses into secure areas |
What the exam is likely testing
- A.7.1 is about defined and used security perimeters.
- A.7.2 is about entry controls and access points for secure areas.
- Physical controls protect confidentiality, integrity, and availability.
- Perimeters can be internal as well as external.
- Visitors, badges, delivery areas, loading bays, emergency exits, and shared-premises access matter.
- Physical access rights need review and removal like logical access rights.
Quick distinction
| Question | A.7.1 | A.7.2 |
|---|---|---|
| Main concern | Where is the protective boundary? | Who can enter through the access point? |
| Main evidence | Zone register, perimeter diagram, risk assessment, inspection | Access register, logs, visitor records, delivery records |
| Main trap | Treating the building wall as the only perimeter | Treating sign-in or badges as enough without behavior/review |
| Audit method | Walk the perimeter and inspect bypasses | Observe entry behavior and sample records |
Practical mentor takeaway
Last-day cue
A.7.1 defines the protected physical zones. A.7.2 controls movement into those zones.
- Iso27001
- Exam
- Physical controls
Note Metadata
Aliases: A.7.1 A.7.2 exam cues
Source: 09-Exam-Preparation/EXAM-020-Physical-Perimeters-and-Entry.md