(ISC)2 Certified in Cybersecurity Practice Exam

What process involves tracking specific device settings?

• A. Risk Management
• B. Baseline Management
• C. Configuration Management
• D. Change Management

The correct answer is: Configuration Management

The process of tracking specific device settings falls under Configuration Management. This discipline focuses on maintaining the integrity of systems throughout their lifecycle. It involves identifying, organizing, and controlling the various components of an IT system, including hardware, software, and their configurations. By monitoring specific device settings, Configuration Management ensures that systems adhere to established standards and practices, making it easier to identify any unauthorized changes or deviations from the expected configuration. Establishing a clear baseline of configurations allows organizations to understand what the normal operations of their systems should look like and assists in detecting any anomalies or issues that could arise. Proper Configuration Management can also enhance security by ensuring that all devices are configured securely and consistently according to best practices or regulatory requirements. While Risk Management, Baseline Management, and Change Management are important processes in their own right, they serve different functions. Risk Management focuses on identifying and mitigating risks associated with IT systems; Baseline Management refers to the process of establishing and maintaining a baseline, or minimum standard, for system performance and security; and Change Management deals with controlling changes to IT systems to minimize disruption. None of these processes specifically focus on the detailed tracking of device settings as Configuration Management does.