Memory cues
| Control | Cue |
|---|---|
| A.7.12 Cabling Security | Protect cable paths from damage, interference, interception, and wrong connections |
| A.7.13 Equipment Maintenance | Maintain equipment securely and verify it after repair |
| A.7.14 Secure Disposal or Re-Use of Equipment | Remove data and licensed software before equipment reuse/disposal |
Likely exam traps
- A.7.12 is not just tidy cable management; it covers interception, interference, and damage.
- A.7.13 is not only availability; maintenance can expose data or introduce tampering.
- A.7.14 is not the same as A.7.10. A.7.10 covers storage media lifecycle; A.7.14 covers equipment containing storage media before reuse/disposal.
- File deletion is not secure erasure.
- Printers, CCTV devices, network devices, and embedded systems can contain storage.
Quick comparison
| Question | A.7.12 | A.7.13 | A.7.14 |
|---|---|---|---|
| Main concern | Cable routes and terminations | Maintenance and repair | Equipment disposal/reuse |
| Evidence | Cable diagrams, labels, inspection records | Maintenance records, fault logs, maintainer access | Sanitization/destruction records |
| Audit method | Walk cable routes and cabinets | Sample maintenance and tamper checks | Trace asset disposal/reuse records |
| Common failure | Exposed or unlabelled cabling | Unsupervised external maintainer | Deleted files treated as erased data |
Practical mentor takeaway
Exam lens
These are operational controls, but the exam tests whether you see the security impact: cable tampering, maintenance access, and residual data during disposal all directly affect confidentiality, integrity, and availability.
- Iso27001
- Exam
- Physical controls
Note Metadata
Aliases: A.7.12 A.7.13 A.7.14 exam cues
Source: 09-Exam-Preparation/EXAM-026-Cabling-Maintenance-and-Equipment-Disposal.md