(ISC)2 Certified in Cybersecurity Practice Exam

Which two processes help ensure a stable operating environment?

• A. Change and Development Management
• B. Incident and Configuration Management
• C. Change and Configuration Management
• D. Security and Change Control

The correct answer is: Change and Configuration Management

The correct answer focuses on the combination of change and configuration management, which are both essential processes in maintaining a stable operating environment. Change management is crucial because it governs how changes are proposed, reviewed, approved, and implemented within an IT environment. By having a structured approach to managing changes, organizations can reduce the risk of unintended consequences that might disrupt stability or compromise security. This includes ensuring that changes are tested and validated before they are introduced into the production environment. Configuration management complements this by keeping track of the systems and configurations in place, ensuring that they are well-documented and maintained. It involves monitoring the state of systems to ensure they are consistent with the defined baseline. Proper configuration management helps to prevent unauthorized changes and allows for quick recovery in the event of a system failure by maintaining detailed records of configurations. Together, change and configuration management establish a framework that promotes consistency, security, and stability, thereby minimizing the risk of errors or downtimes that could arise from poorly managed changes or inadvertent misconfigurations. In contrast, the other combinations might focus on processes that are important but do not holistically address both stability and systematic change control as effectively. For instance, incident management primarily deals with responding to and managing incidents after they occur, which is