CAP · Question #202
Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?
The correct answer is D. Changecontrol management. Change control management (also called change management) is the formal process for reviewing, approving, and implementing changes to a system in a controlled way. Its primary security goal is to ensure that modifications do not introduce vulnerabilities or weaken existing contro
Question
Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?
Options
- ARisk management
- BSecurity management
- CConfiguration management
- DChangecontrol management
How the community answered
(47 responses)- A6% (3)
- B2% (1)
- C4% (2)
- D87% (41)
Explanation
Change control management (also called change management) is the formal process for reviewing, approving, and implementing changes to a system in a controlled way. Its primary security goal is to ensure that modifications do not introduce vulnerabilities or weaken existing controls. Risk management identifies and mitigates risks broadly. Security management encompasses overall security policies. Configuration management tracks system baselines, but it is the change control process specifically that governs whether a proposed change is allowed and ensures security is preserved throughout.
Topics
Community Discussion
No community discussion yet for this question.