CERTIFIED-IN-CYBERSECURITY Question #497: Real Exam Question with Answer & Explanation

Question

In change management, what is the meaning of baseline identification?

Options

• AIdentifying the system and all its components, interfaces, and documentation
• BVerifying that nothing in the system is broken by newly applied changes
• CProvide a minimum level of protection
• DRequesting changes to one or more components in that baseline

Explanation

Baseline identification in change management refers to the process of comprehensively identifying and documenting the current state of a system, including all of its components, interfaces, and documentation (see ISC2 Study Guide, Chapter 5, Module 2). This baseline serves as a reference point for measuring and assessing the impact of proposed changes. For example, if an organization is planning to upgrade its IT infrastructure, the existing network configuration, hardware, and software would be identified and documented as a baseline. This baseline would then be used to compare and evaluate the impact of the proposed upgrade. Requesting changes to one or more components of the baseline is part of the change request process, not baseline identification. It involves proposing changes to the existing system, which is different from identifying and documenting the current state of the system. Verifying that newly applied changes do not break the system is part of change verification, not baseline identification. It involves checking the functionality of the system after changes have been implemented, which is a separate process from baseline identification. Providing a minimum level of protection is part of security management, not baseline identification in change management. It involves implementing security measures to protect the system, which is separate from identifying and documenting the current state of the

No community discussion yet for this question.