UnixTime

Research Note

EXAM-029 - Malware Protection

- Antivirus installation alone is not enough. - Malware risk is not limited to Windows endpoints. - User awareness is explicitly part of the control. - Automatic cleaning still...

On this page

Memory cue

Control Cue
A.8.7 Protection Against Malware Protection plus awareness, not just antivirus

Likely exam traps

  • Antivirus installation alone is not enough.
  • Malware risk is not limited to Windows endpoints.
  • User awareness is explicitly part of the control.
  • Automatic cleaning still needs verification.
  • Free or unapproved security tools may create risk.

Quick comparison

Question A.8.7 answer
Main concern Malware prevention, detection, updates, response, and awareness
Evidence Coverage report, update status, scan settings, alert logs, infection records, training records
Common failure Tool installed but not monitored, updated, or supported by user awareness
Audit method Sample protected systems, update status, infection records, and user interviews

Practical mentor takeaway

Exam lens

A.8.7 expects malware protection to operate as a managed control. The exam will test whether you recognize the combination of technical protection, current updates, incident response, and user awareness.

  • Iso27001
  • Exam
  • Technological controls
  • Malware protection

Note Metadata

Aliases: A.8.7 exam cues

Source: 09-Exam-Preparation/EXAM-029-Malware-Protection.md