CAP · Question #300
Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?
The correct answer is A. Change control management. Change control management (also called change management) is specifically designed to ensure that all changes to a system - hardware, software, or configuration - are reviewed, approved, and implemented in a way that does not degrade or compromise the security posture. Configurat
Question
Which of the following processes has the goal to ensure that any change does not lead to reduced or compromised security?
Options
- AChange control management
- BSecurity management
- CConfiguration management
- DRisk management
How the community answered
(45 responses)- A91% (41)
- B4% (2)
- C2% (1)
- D2% (1)
Explanation
Change control management (also called change management) is specifically designed to ensure that all changes to a system - hardware, software, or configuration - are reviewed, approved, and implemented in a way that does not degrade or compromise the security posture. Configuration management deals with documenting and maintaining the baseline state of a system. Risk management identifies and mitigates risks broadly. Security management is an overarching discipline. Change control management is the targeted process that governs individual changes to prevent security regression.
Topics
Community Discussion
No community discussion yet for this question.