Memory cues
| Control | Cue |
|---|---|
| A.8.12 Data Leakage Prevention | Prevent sensitive data leaving through unapproved flows |
| A.8.13 Information Backup | Maintain and test backups of information, software, and systems |
Likely exam traps
- DLP is not just a tool.
- DLP requires knowing sensitive data and approved flows.
- False positives affect DLP effectiveness.
- Backup job success is not restore success.
- Backups need protection equivalent to the original information.
- Cloud backups and snapshots still need scope, retention, protection, and restore testing.
Quick comparison
| Question | A.8.12 | A.8.13 |
|---|---|---|
| Main concern | Unauthorized data leakage | Recoverability of information/software/systems |
| Evidence | DLP scope, data flow register, rules, alerts, transfer approvals | Backup schedule, coverage, job logs, restore tests, backup protection |
| Common failure | Tool deployed with generic/noisy rules | Backups run but restores are never tested |
| Audit method | Follow sensitive data flows and DLP alerts | Follow backup set from scope to restore test |
Practical mentor takeaway
Exam lens
A.8.12 controls where sensitive data may leave. A.8.13 proves the organization can recover data and systems when something goes wrong.
- Iso27001
- Exam
- Technological controls
- Dlp
- Backup
Note Metadata
Aliases: A.8.12 A.8.13 exam cues
Source: 09-Exam-Preparation/EXAM-032-DLP-and-Backup.md