Memory cue
| Control | Cue |
|---|---|
| A.8.7 Protection Against Malware | Protection plus awareness, not just antivirus |
Likely exam traps
- Antivirus installation alone is not enough.
- Malware risk is not limited to Windows endpoints.
- User awareness is explicitly part of the control.
- Automatic cleaning still needs verification.
- Free or unapproved security tools may create risk.
Quick comparison
| Question | A.8.7 answer |
|---|---|
| Main concern | Malware prevention, detection, updates, response, and awareness |
| Evidence | Coverage report, update status, scan settings, alert logs, infection records, training records |
| Common failure | Tool installed but not monitored, updated, or supported by user awareness |
| Audit method | Sample protected systems, update status, infection records, and user interviews |
Practical mentor takeaway
Exam lens
A.8.7 expects malware protection to operate as a managed control. The exam will test whether you recognize the combination of technical protection, current updates, incident response, and user awareness.
- Iso27001
- Exam
- Technological controls
- Malware protection
Note Metadata
Aliases: A.8.7 exam cues
Source: 09-Exam-Preparation/EXAM-029-Malware-Protection.md