UnixTime

Research Note

EXAM-020 - Physical Perimeters and Entry

- A.7.1 is about defined and used security perimeters. - A.7.2 is about entry controls and access points for secure areas. - Physical controls protect confidentiality, integrity...

On this page

Memory cues

Control Cue
A.7.1 Physical Security Perimeters Define the protected physical zones
A.7.2 Physical Entry Control who crosses into secure areas

What the exam is likely testing

  • A.7.1 is about defined and used security perimeters.
  • A.7.2 is about entry controls and access points for secure areas.
  • Physical controls protect confidentiality, integrity, and availability.
  • Perimeters can be internal as well as external.
  • Visitors, badges, delivery areas, loading bays, emergency exits, and shared-premises access matter.
  • Physical access rights need review and removal like logical access rights.

Quick distinction

Question A.7.1 A.7.2
Main concern Where is the protective boundary? Who can enter through the access point?
Main evidence Zone register, perimeter diagram, risk assessment, inspection Access register, logs, visitor records, delivery records
Main trap Treating the building wall as the only perimeter Treating sign-in or badges as enough without behavior/review
Audit method Walk the perimeter and inspect bypasses Observe entry behavior and sample records

Practical mentor takeaway

Last-day cue

A.7.1 defines the protected physical zones. A.7.2 controls movement into those zones.

  • Iso27001
  • Exam
  • Physical controls

Note Metadata

Aliases: A.7.1 A.7.2 exam cues

Source: 09-Exam-Preparation/EXAM-020-Physical-Perimeters-and-Entry.md