nerdexam
(ISC)2

CAP · Question #202

Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?

The correct answer is D. Changecontrol management. Change control management (also called change management) is the formal process for reviewing, approving, and implementing changes to a system in a controlled way. Its primary security goal is to ensure that modifications do not introduce vulnerabilities or weaken existing contro

Compliance Maintenance

Question

Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?

Options

  • ARisk management
  • BSecurity management
  • CConfiguration management
  • DChangecontrol management

How the community answered

(47 responses)
  • A
    6% (3)
  • B
    2% (1)
  • C
    4% (2)
  • D
    87% (41)

Explanation

Change control management (also called change management) is the formal process for reviewing, approving, and implementing changes to a system in a controlled way. Its primary security goal is to ensure that modifications do not introduce vulnerabilities or weaken existing controls. Risk management identifies and mitigates risks broadly. Security management encompasses overall security policies. Configuration management tracks system baselines, but it is the change control process specifically that governs whether a proposed change is allowed and ensures security is preserved throughout.

Topics

#Change control#Security change management#System integrity#Operational security

Community Discussion

No community discussion yet for this question.

Full CAP Practice